prpm-json-best-practices
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A detailed audit of the SKILL.md and example manifests confirmed that the content is strictly instructional and contains no malicious code, obfuscation, or data exfiltration attempts.
- [COMMAND_EXECUTION]: The skill documents the use of development scripts like 'npm run build' and validation commands using 'jq'. These are presented as educational examples for users managing their own manifests and are not executed by the agent as part of the skill's logic.
- [EXTERNAL_DOWNLOADS]: The skill references legitimate project resources and documentation at 'docs.prpm.dev' and GitHub. These external links are contextually appropriate and do not pose a security risk.
Audit Metadata