starter-kit-upgrade

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes several shell-based operations to facilitate the project upgrade process.
      ◦ It uses git for repository management, branching, and performing byte-by-byte file comparisons.
      ◦ It leverages the GitHub CLI (gh) to retrieve commit and pull request metadata from the author's official repositories.
      ◦ The scripts/run_tests.sh script discovers and executes test commands defined within the user's project, such as those found in composer.json or package.json (e.g., composer test, npm run build).
  • [EXTERNAL_DOWNLOADS]: The scripts/fetch_kit.sh script clones official Laravel starter kit repositories from GitHub into a local temporary directory. These downloads are restricted to the official repositories associated with the skill's author.
  • [REMOTE_CODE_EXECUTION]: The scripts/reconcile_manifests.sh script runs standard package manager installation commands, including composer install and various JS package manager equivalents (npm, pnpm, yarn, bun). These commands are used to synchronize dependencies and may execute installation hooks defined in the project's manifest files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 09:01 PM