migrate-app-to-flows

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute grep commands for auditing authentication usage and identifying outbound network calls in the source code. These commands are used to gather data for the migration process and do not incorporate untrusted user input.
  • [EXTERNAL_DOWNLOADS]: The skill updates package.json to use @cognite/cli via npx. This is a vendor-owned package (matching the author 'cognitedata') and is a standard tool for the migration task.
  • [SAFE]: The skill performs expected development operations such as editing JSON configuration files (app.json, package.json, manifest.json) and delegating to related internal skills, all of which are consistent with its stated purpose of application migration.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 04:02 AM
Security Audit — agent-trust-hub — migrate-app-to-flows