npm-git-install

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to provide decision-making guidance for Node.js package delivery strategies. It does not perform automated actions or execute code in the user's environment without instruction.
  • [SAFE]: The instructions explicitly promote security best practices, such as warning against committing secrets to manifests and recommending SHA-pinned references for reproducibility in shared environments.
  • [SAFE]: No evidence of prompt injection, data exfiltration, obfuscation, or persistence mechanisms was found in the skill files or metadata.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:06 AM
Security Audit — agent-trust-hub — npm-git-install