unslop
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The utility uses child processes (spawnSync, execSync) to run its internal validation scripts and manage software updates via the Node.js package manager. These operations are essential for its functionality as a CLI tool.
- [EXTERNAL_DOWNLOADS]: The update command fetches the latest package versions from the official NPM registry, and the autopilot mode may trigger npx commands. These network operations are transparent and follow standard developer tool patterns.
- [SAFE]: The skill instructions and associated scripts do not contain malicious patterns, data collection routines, or attempts to bypass agent safety filters. Instead, the tool explicitly includes scanners to detect and prevent security issues such as exposed API keys and insecure data handling in target projects.
Audit Metadata