monorepo-management
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download and execution of monorepo initialization tools using npx (e.g., create-turbo and create-nx-workspace). These are provided by well-known technology organizations.
- [COMMAND_EXECUTION]: Instructs the agent to execute various shell commands for workspace management, including pnpm installation, turbo build orchestration, and nx task execution.
- [PROMPT_INJECTION]: The skill demonstrates processing and acting upon local configuration files such as package.json, turbo.json, and nx.json, which constitutes an indirect prompt injection surface.
- Ingestion points: Reads workspace configuration and project metadata (SKILL.md, sub-skills/implementation-playbook.md).
- Boundary markers: Absent; the instructions do not specify delimiters for external file content.
- Capability inventory: Includes execution of shell commands via npx, pnpm, turbo, and nx across multiple files.
- Sanitization: No sanitization or validation of the lifecycle scripts or configuration keys is performed before execution.
Audit Metadata