Skills
skills/ant-design/ant-design-pro/pro-upgrade/Gen Agent Trust Hub

pro-upgrade

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill clones the official template repository from GitHub (https://github.com/ant-design/ant-design-pro.git). This is a trusted source belonging to the skill's authoring organization and is necessary for comparing the user's project with the latest version.
  • [COMMAND_EXECUTION]: The skill uses several shell commands including npm install, npm run build, npm run lint, and npx antd. These are standard tools for JavaScript development and are used here to update dependencies and verify the project state after the upgrade.
  • [PROMPT_INJECTION]: The skill acts on untrusted user project files (indirect prompt injection surface). However, this is inherent to its primary purpose as a code migration tool. It follows a structured flow and uses official CLI tools (npx antd) to perform migration checks, which mitigates risks associated with manual code interpretation.
  • [REMOTE_CODE_EXECUTION]: While the skill executes remote code via npm install and git clone, these actions target well-known and trusted registries/repositories (npm and the official Ant Design GitHub).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 01:03 PM
Security Audit — agent-trust-hub — pro-upgrade