package-json-maintenance
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection from files within the repository it maintains.
- Ingestion points: The skill reads package.json metadata, README.md, and other documentation files to generate reports and PR descriptions.
- Boundary markers: Absent; content from project files is interpolated into summaries and pull request bodies without explicit delimiters or warnings to the model to ignore embedded instructions.
- Capability inventory: The skill can execute shell commands, perform package manager installations, and run project-defined validation scripts (build, test, lint).
- Sanitization: Absent; the skill does not sanitize or validate external repository content before processing or reporting.
- COMMAND_EXECUTION (SAFE): The skill executes package manager commands and project-defined validation scripts.
- Evidence: Executes scripts for building, linting, and testing found in the local package.json files.
- Context: These actions are the primary intended purpose of the skill and are necessary for validating package updates.
- EXTERNAL_DOWNLOADS (SAFE): The skill downloads and updates packages from standard registries.
- Evidence: Automates package installation via detected package managers (npm, yarn, pnpm, bun).
- Context: This is a core feature of the maintenance workflow and is expected behavior for this skill.
Audit Metadata