Skills
skills/davekilleen/dex/dex-rollback/Gen Agent Trust Hub

dex-rollback

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes several system and version control commands to perform the rollback, including git reset --hard, git tag, and git commit. It also utilizes shell utilities like rm, cp, awk, and comm to manage file cleanup based on version manifests.
  • [EXTERNAL_DOWNLOADS]: The rollback process involves running npm install and pip3 install -r core/mcp/requirements.txt to ensure project dependencies align with the restored version. Additionally, it directs users to download source code archives from the author's GitHub repository (github.com/davekilleen/dex) for manual restoration.
  • [DATA_EXFILTRATION]: The skill includes a 'Silent Tracking' section that calls a track_event function for analytics (e.g., dex_rollback_completed). The documentation states this only occurs if the user has opted into analytics and returns a 'disabled' status otherwise.
  • [REMOTE_CODE_EXECUTION]: Executes a local shell script scripts/generate-manifest.sh as part of the restoration process. This script is part of the local repository being managed.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 12:41 AM
Security Audit — agent-trust-hub — dex-rollback