update-deps
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill includes a directive to 'automatically exit' if run as a standalone request, which is an instruction designed to override the agent's default operational behavior.
- [NO_CODE]: No scripts, binaries, or configuration files are included in the skill; it consists entirely of markdown instructions.
- [PROMPT_INJECTION]: The skill defines a workflow that ingests untrusted data, creating a surface for indirect prompt injection.
- Ingestion points: Phase 1 and Phase 2 involve reading dependency manifests, security vulnerability reports, and external changelogs or migration guides.
- Boundary markers: The instructions do not specify any delimiters or safety prompts to prevent the agent from following instructions embedded within the external documentation.
- Capability inventory: While no code is provided, the skill instructs the agent to perform command execution (testing and package updates), filesystem writes (lock files and READMEs), and network requests (reading changelogs).
- Sanitization: The skill lacks instructions for the agent to sanitize or validate the external content before taking action based on it.
Audit Metadata