langgraph-adk
Pass
Audited by Gen Agent Trust Hub on Jun 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands via Bun to manage project lifecycles, including installing dependencies (
bun add), verifying code integrity (bun run typecheck), and running the generated application (bun run start). these are standard operations for a developer tool. - [EXTERNAL_DOWNLOADS]: The skill initiates downloads of standard JavaScript/TypeScript packages from the NPM registry to provide the necessary runtime environment for the generated agents (e.g., langchain, zod, ink).
- [SAFE]: The skill functions as a legitimate code generation and scaffolding tool. It uses environment-based configuration for LLM endpoints and retrieves model metadata (such as context window size) using standard API requests to the user-specified base URL. The workflow includes architectural design steps and diagnostic checks that align with its stated purpose.
Audit Metadata