dart-tooling
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard Dart SDK commands such as
dart analyze,dart fix, anddart pubto perform project maintenance, static analysis, and dependency management. - [EXTERNAL_DOWNLOADS]: The skill instructs the agent to add the
checkspackage from the official Dart package registry (pub.dev) usingdart pub add dev:checks, which is a well-known and trusted service for the Dart ecosystem. - [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists as the skill processes local project files through
dart analyzeanddart fix. Malicious content within the code being analyzed could theoretically attempt to influence agent behavior, though this is a general risk for any code analysis tool. - Ingestion points: Project source code processed by
dart analyze .anddart fix(SKILL.md). - Boundary markers: Not explicitly defined in the instructions.
- Capability inventory: File modification (
dart fix --apply,dart pub add), file reading (dart analyze). - Sanitization: Relies on standard Dart SDK tool parsing.
Audit Metadata