Skills
skills/infer-events/skills/infer-upgrade/Gen Agent Trust Hub

infer-upgrade

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses standard shell commands (npm, npx, grep, sed, stat) to determine installed versions and perform updates. These operations are consistent with the skill's primary function of package management.
  • [EXTERNAL_DOWNLOADS]: Fetches official updates for @inferevents/sdk and @inferevents/mcp from the npm registry. It also downloads skill definitions from the vendor's GitHub repository using npx skills add infer-events/skills. These operations target the vendor's own infrastructure.
  • [DATA_EXFILTRATION]: Reads local configuration files (~/.infer/config.json, .mcp.json) and writes to a version cache file (~/.infer/last-update-check.json). This data is used exclusively for local state management and update logic; no evidence of sensitive data being transmitted to third-party domains was found.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 4, 2026, 04:38 AM