endor-upgrade-impact
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the 'endorctl' command-line tool using 'npx' to query the Endor Labs API for project information and upgrade recommendations.
- [EXTERNAL_DOWNLOADS]: The use of 'npx -y endorctl' results in the download and execution of the 'endorctl' package from the NPM registry. This is the official tool provided by the skill's author for interacting with their service.
- [DATA_EXPOSURE]: The skill reads project identifiers from the local '.endor/scan-full-results.json' file to contextualize API requests. This is standard behavior for tools integrating with the Endor Labs ecosystem.
Audit Metadata