workflow-package-upgrade
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected in the skill instructions or metadata. All identified patterns are consistent with the skill's primary purpose of dependency management.
- [PROMPT_INJECTION]: The skill contains emphasized instructional phrases such as "IMPORTANT MUST ATTENTION" and "MUST ATTENTION". These are used to enforce a rigorous workflow (scout, investigate, plan, test, etc.) and ensure the agent uses specific tools for each step. This behavior is instructional rather than an attempt to override safety protocols or bypass agent constraints.
- [COMMAND_EXECUTION]: The skill description mentions "npm update" and "NuGet upgrade". These commands are standard for the intended task of upgrading software packages and do not appear to be used for malicious purposes in this context.
Audit Metadata