nvm-defaults-and-nvmrc
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation for a well-known, legitimate development tool (nvm). It does not contain malicious code, hidden instructions, or unauthorized data access.- [COMMAND_EXECUTION]: The skill includes shell scripts to automate Node.js version switching. These scripts utilize shell hooks and aliases to check for .nvmrc files when changing directories. These are standard patterns for nvm usage and do not involve arbitrary command execution from untrusted sources.- [DATA_EXFILTRATION]: No network communication or data exfiltration patterns were identified in the skill. All operations are confined to the local shell environment and the user's project directories.- [CREDENTIALS_UNSAFE]: The skill does not access sensitive credentials, private keys, or environment variables containing secrets. It interacts solely with Node.js version configuration files and shell profile settings.
Audit Metadata