quarkus-update

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the official quarkus CLI tool with the update --dry-run flag to analyze potential migration paths. It also uses git ls-remote to query tags from the official repository.
  • [EXTERNAL_DOWNLOADS]: Fetches reference build files (e.g., pom.xml, build.gradle) and version metadata from the quarkusio/code-with-quarkus-compare GitHub repository. These are vendor-owned resources used for project comparison.
  • [PROMPT_INJECTION]: The skill processes untrusted local project files (pom.xml, build.gradle) to extract version strings. While this represents an indirect injection surface, the extracted data is used solely to construct URLs for official vendor resources, posing minimal risk in this context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 03:43 AM