Skills
skills/rstackjs/agent-skills/rsbuild-v2-upgrade/Gen Agent Trust Hub

rsbuild-v2-upgrade

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run development commands such as build, dev, and test scripts found in the project's local environment. It also utilizes the taze utility via npx to automate dependency updates. These are routine operations for a software upgrade skill.
  • [EXTERNAL_DOWNLOADS]: The skill references the official Rsbuild migration guide hosted at v2.rsbuild.rs and uses npx to fetch the taze package from the npm registry. These are well-known and trusted sources within the JavaScript ecosystem.
  • [PROMPT_INJECTION]: The skill possesses an ingestion surface for potential indirect prompt injection as it reads project-specific configuration files and external documentation content.
  • Ingestion points: package.json, Rsbuild configuration files (e.g., rsbuild.config.ts), and the external URL https://v2.rsbuild.rs/guide/upgrade/v1-to-v2.
  • Boundary markers: Absent.
  • Capability inventory: Shell command execution for package management and project scripts.
  • Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 07:09 AM