deps-dev
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior or security vulnerabilities were identified in the skill's instructions or code.
- [EXTERNAL_DOWNLOADS]: Fetches package metadata from the well-known and trusted Google Open Source Insights API (deps.dev). This communication is used solely to retrieve public versioning information.
- [COMMAND_EXECUTION]: Uses a local Python script
scripts/get-versions.pyto query package information. The script validates input ecosystem types and properly URL-encodes package names to prevent injection attacks. - [DATA_EXFILTRATION]: No evidence of sensitive file access or credential exposure. The skill does not interact with local secrets or private configuration files.
Audit Metadata