deps
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill relies on executing shell commands for various package managers including Go, NPM, Pip, Cargo, and Bundler to perform audits and updates.
- [EXTERNAL_DOWNLOADS]: The skill performs network operations to fetch and update packages from official and well-known software registries such as npmjs.com, pypi.org, and crates.io.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface area by ingesting untrusted data from package manifests and tool outputs that could contain adversarial instructions.
  - Ingestion points: SKILL.md (Step 1: Audit Current State; Step 4: Execute Updates)
  - Boundary markers: Absent; instructions do not explicitly define delimiters for external data or warn the agent to ignore instructions embedded in tool outputs.
  - Capability inventory: The agent has shell execution capabilities (npm install, pip install, go get) and file-system write access for report generation.
  - Sanitization: Absent; external content from package manifests or changelogs is interpolated directly into the context without validation or escaping.
Audit Metadata