deps
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes package manager CLI tools (pnpm, npm, yarn, bun) to perform audits, check for outdated versions, and install/update packages as part of its core functionality.
- [COMMAND_EXECUTION]: It runs local test suites (Vitest, Jest, Playwright) and TypeScript type-checking (
tsc --noEmit) to verify that updates do not introduce regressions before committing changes. - [COMMAND_EXECUTION]: The process utilizes Git commands (
git add,git commit,git reset --hard) to manage state checkpoints and perform automated rollbacks if tests fail during an upgrade cycle. - [EXTERNAL_DOWNLOADS]: The skill downloads and installs packages from official public registries (e.g., npmjs.org) during the batch upgrade phase.
- [DATA_EXFILTRATION]: Performs web searches to discover modern alternatives for outdated or deprecated packages, which involves sending package names to a search engine.
Audit Metadata