js-deps
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to interact with package managers (npm, yarn, pnpm, bun) and git. It also runs project-defined validation scripts (build, lint, test) extracted from the project's
package.jsonfile. - [EXTERNAL_DOWNLOADS]: The skill downloads packages and security patches from official JavaScript registries. These operations target well-known, trusted services necessary for dependency management.
- [PROMPT_INJECTION]: The skill includes defensive instructions (Category 8 mitigation) to treat
package.jsoncontent as untrusted external data. It specifically directs the agent to parse manifests as structured data and avoid interpreting free-text fields as instructions. - [REMOTE_CODE_EXECUTION]: By design, the skill executes scripts defined in the local project's
package.json. The instructions establish a 'Trust boundary' note, acknowledging that validation scripts are project-defined code and ensuring they run within a disposable worktree to limit impact.
Audit Metadata