pnpm-upgrade
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS COMMAND_EXECUTION
Full Analysis
- [External Communication]: The skill performs a network request to the official GitHub API to retrieve version metadata for the `pnpm/action-setup` repository. This is used to identify the latest stable release for the toolchain update process.
- [Command Execution]: It utilizes local command-line tools including `pnpm`, `corepack`, `jq`, and `git`. These tools are invoked to update the local package manager environment and to resolve repository tags into immutable commit SHAs, which is a recommended security practice for CI/CD configurations.
- [Configuration Management]: The skill includes instructions to update `package.json` and GitHub Action workflow files. These modifications are targeted and intended to align the project's versioning with the newly identified pnpm release.
Audit Metadata