nx-generate
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes npx nx commands to list, help, and run generators, as well as node -e to locate configuration files within node_modules. These are standard operations for managing an Nx workspace.
- [EXTERNAL_DOWNLOADS]: Uses npx which may download official Nx packages from the npm registry if they are not already present in the environment.
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it interpolates user-provided requirements into shell command arguments for code generation.
- Ingestion points: User requests for project structure or scaffolding (SKILL.md).
- Boundary markers: None present.
- Capability inventory: Shell command execution via nx and node (SKILL.md).
- Sanitization: None; the skill relies on the Nx CLI's internal argument parsing.
Audit Metadata