provider-upgrade
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Orchestrates dependency updates by suggesting and running standard package manager commands (npm install, pip install, go get, dotnet add) based on the project's language to upgrade Pulumi SDKs.\n- [EXTERNAL_DOWNLOADS]: Communicates with the Pulumi Cloud API (api.pulumi.com) to retrieve current provider versions and stack usage statistics to assess upgrade impact.\n- [EXTERNAL_DOWNLOADS]: Performs targeted web searches restricted to the official pulumi.com domain to find migration guides and breaking change documentation.\n- [PROMPT_INJECTION]: Indirect Surface: The skill ingests external data from web searches and API responses to generate summaries and required actions; however, this is a low-risk surface for a vendor-authored tool and is mitigated by mandatory user confirmation and the use of 'pulumi preview' to verify changes before they are applied.
Audit Metadata