capacitor-app-upgrade-v5-to-v6
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [DYNAMIC_CONTEXT_INJECTION]: The skill uses a dynamic command to read the local `package.json` file and log current Capacitor package versions at load time.
  - Evidence: SKILL.md contains a command `!node -e "..."` that filters dependencies for @capacitor/ prefixes.
  - Context: This is used to provide the agent with a snapshot of the current environment to ensure the correct migration path is followed.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from the local filesystem (package.json) which could potentially contain malicious content if the project itself is compromised.
  - Ingestion points: `package.json` is read by a node script in SKILL.md.
  - Boundary markers: None present.
  - Capability inventory: The skill allows the use of the `Bash` tool to perform node operations and project modifications (e.g., npm install, npx cap sync).
  - Sanitization: The input from `package.json` is parsed as JSON and filtered for specific keys starting with @capacitor/, providing structural validation and limiting the data surface.
Audit Metadata