Skills
skills/pproenca/dot-skills/nuqs-codemod-runner/Gen Agent Trust Hub

nuqs-codemod-runner

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/verify.sh script executes shell commands defined in config.json (specifically the typecheck_command and lint_command fields) using the eval command. This allows the execution of arbitrary shell strings provided in the skill's configuration.\n- [EXTERNAL_DOWNLOADS]: The scripts/apply.sh script invokes npx --yes jscodeshift@latest, which downloads and executes the jscodeshift package from the official npm registry at runtime.\n- [PROMPT_INJECTION]: The skill implements a workflow that is susceptible to Indirect Prompt Injection (Category 8).\n
  • Ingestion points: scripts/scan.sh uses ripgrep to read source code contents from the local repository.\n
  • Boundary markers: scripts/report.sh presents discovered code snippets to the AI agent within markdown tables, but lacks explicit boundary delimiters or instructions to ignore embedded directives within those snippets.\n
  • Capability inventory: The skill possesses write access to the filesystem (via jscodeshift in scripts/apply.sh) and shell execution capabilities (scripts/verify.sh).\n
  • Sanitization: While scripts/report.sh performs basic text escaping for markdown display, it does not sanitize or filter the content of the snippets for potentially malicious instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 05:43 PM
Security Audit — agent-trust-hub — nuqs-codemod-runner