prisma-next-extension-upgrade

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of local transformation scripts and project validation commands such as pnpm install, pnpm build, and pnpm test as part of the upgrade lifecycle. It also includes steps to ensure the skill itself is updated by fetching latest content from the vendor's repository using pnpm dlx.
  • [INDIRECT_PROMPT_INJECTION]: The skill scans project files to identify necessary upgrade steps.
  • Ingestion points: Reads migration.json and *.{ts,tsx} files during the detection phase (SKILL.md, upgrades/0.8-to-0.9/instructions.md).
  • Boundary markers: None explicitly defined for project file content.
  • Capability inventory: Performs file modifications and executes build/test scripts (SKILL.md, upgrades/0.8-to-0.9/strip-inline-contracts.ts).
  • Sanitization: Uses specialized TypeScript scripts for structural changes (upgrades/0.8-to-0.9/strip-inline-contracts.ts).
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 08:43 AM
Security Audit — agent-trust-hub — prisma-next-extension-upgrade