npm-deps-cleanup
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill relies on industry-standard tools for dependency auditing and monorepo management, such as knip, depcheck, and syncpack.
- [EXTERNAL_DOWNLOADS]: Auditing utilities are retrieved via official runners (npx, pnpm dlx) from the public npm registry, which is standard practice.
- [COMMAND_EXECUTION]: Shell commands are restricted to package management actions (install, uninstall, dedupe) within the project's own directory structure.
- [DATA_EXFILTRATION]: No patterns of data exfiltration were detected; the skill processes local manifests to generate optimization metrics.
Audit Metadata