pkgx
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use
eval "$(x pkgx +tool)". This pattern is used to dynamically inject tool-specific environment variables and PATH updates directly into the current shell session. - [EXTERNAL_DOWNLOADS]: The primary function of the skill is to fetch and execute external, open-source binaries and scripts from the pkgx ecosystem at runtime. This is the intended behavior of the package runner.
Audit Metadata