dev-swarm-npm-publish

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were detected. The skill outlines a legitimate administrative process for package management.
  • [COMMAND_EXECUTION]: The skill guides the user or agent through the execution of standard development commands, including npm publish, npm version, and git tag. These operations are essential for the skill's stated purpose and are performed using well-known, trusted tools.
  • [CREDENTIALS_UNSAFE]: The skill demonstrates a security-conscious approach by explicitly instructing users to avoid publishing secrets and providing practical examples of how to exclude sensitive files like .env via .npmignore or the files field in package.json.
  • [EXTERNAL_DOWNLOADS]: The workflow references the official npm registry and GitHub for metadata and publishing. These are well-known services within the software development ecosystem, and no suspicious or untrusted third-party URLs were found.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 13, 2026, 08:28 PM