verify
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard development lifecycle commands using the
Bashtool, including build scripts (npm run build) and test runners (vitest,jest,pytest,go test,cargo test), which are necessary for verifying project integrity.- [EXTERNAL_DOWNLOADS]: Utilizesnpxto run various verification tools such astsc,eslint,biome,madge, andknip. These tools may be downloaded from the official NPM registry if not already present in the environment.- [COMMAND_EXECUTION]: Evaluates the project environment by scanning source code and configuration files (e.g.,package.json) for structural issues and security vulnerabilities usinggitleaksandast-grep(sg). While this process involves processing untrusted local data, it follows expected developer workflows. (Vulnerability Surface Analysis): Ingestion points:package.jsonand project source code; Boundary markers: None; Capability inventory:Bash,Edit,Read; Sanitization: None.
Audit Metadata