npm-package-comparator
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the 'tinyfish' CLI tool to perform its primary function. It dynamically constructs shell commands using variables like {PACKAGE} and {OWNER}/{REPO} based on user input. While necessary for the skill's operation, it relies on the agent to ensure input is sanitized before execution.\n- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the '@tiny-fish/cli' global package from the vendor's own namespace. It also fetches live data from reputable services including npmjs.com, github.com, bundlephobia.com, and snyk.io.\n- [PROMPT_INJECTION]: The skill ingests untrusted data from external websites (package metadata and repositories), which is an indirect prompt injection surface.\n
- Ingestion points: External web content is read via the 'tinyfish agent run' command as defined in SKILL.md.\n
- Boundary markers: The instructions for the sub-agents include strict negative constraints such as 'Do NOT click any links' and 'Read only what is visible on this page'.\n
- Capability inventory: The skill context allows for shell command execution and management of temporary files in the /tmp directory.\n
- Sanitization: The skill requires sub-agents to return data in a structured JSON format, which provides a layer of validation for the ingested content.
Audit Metadata