dependency-map
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
Full Analysis
- Build File Analysis: The skill analyzes standard project configuration files, such as Java POM files, .NET project files, and JavaScript package manifests. This is a standard procedure for identifying project dependencies and does not involve accessing sensitive user credentials or personal data.
- Data Processing Considerations: The skill processes information from external build files to generate its reports. While parsing external data is a common surface for indirect prompt injection, this skill defines strict extraction parameters (package name, version, and scope), which effectively limits the influence that external data can have on the agent's behavior.
- Local Output Management: Analysis results are stored in a designated documentation directory (
.github/modernize/assessment/) within the local workspace. This ensures the information generated remains under the user's control and within the project context. - Absence of Network Operations: The skill contains no instructions for network communication, data exfiltration, or remote script execution, maintaining a strictly local execution profile.
Audit Metadata