modernize
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a set of bash scripts (detect.sh, migrate-to-oxlint.sh, etc.) that automate project-local tasks. These scripts use standard package managers (npm, pnpm, yarn, bun) to install development tools and utilize robust utilities like jq and sed to modify project configuration files. The implementation includes defensive practices such as creating backups of package.json before modification.
- [EXTERNAL_DOWNLOADS]: The migration process involves installing official, well-known developer tools (@typescript/native-preview, oxlint, tsdown) from the public npm registry. All URLs referenced in the skill point to official documentation or source code repositories for these projects, including those maintained by Microsoft and the Oxc project.
- [DATA_EXPOSURE]: No evidence of sensitive data access or exfiltration was found. The scripts interact exclusively with project-level configuration and dependency files (package.json, lock files) and do not attempt to access credentials, environment variables, or private user directories.
Audit Metadata