nvm-verify
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard, benign diagnostic commands such as
node -v,npm -v, andnvm --versionto verify installed versions. - [DATA_EXPOSURE]: It reads shell configuration files including
~/.bashrc,~/.zshrc, and~/.profile. This access is restricted to searching for specific "nvm" strings viagrepto diagnose path issues, which is consistent with its primary purpose. No sensitive data is extracted or transmitted. - [EXTERNAL_DOWNLOADS]: The skill references official documentation hosted on GitHub (
github.com/nvm-sh/nvm). These are informational links and do not involve remote code execution or package installation.
Audit Metadata