Skills
skills/cloudcannon/agent-skills/migrating-to-cloudcannon/Gen Agent Trust Hub

migrating-to-cloudcannon

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to run the official CloudCannon command-line interface using npx @cloudcannon/cli. This downloads and executes the package from the well-known NPM registry to perform project detection and configuration tasks.
  • [COMMAND_EXECUTION]: Provided shell scripts (audit-astro.sh and rename-dash-index.sh) are used to gather project metadata and perform file renames within the local project directory. These scripts are deterministic and do not involve unauthorized network activity.
  • [COMMAND_EXECUTION]: The auditing automation uses node -e as a helper to parse JSON data from the local package.json file. This is a common and safe technique for extracting project dependencies and version information.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 08:14 AM
Security Audit — agent-trust-hub — migrating-to-cloudcannon