dx-optimizer

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions focus on standard development lifecycle improvements, such as simplifying onboarding, identifying automation opportunities, and configuring project-specific CLI commands. No malicious commands or unauthorized file access patterns are present.
  • [PROMPT_INJECTION]: The skill is intended to analyze project configurations and files (e.g., package.json, README.md). While this processing of local project data presents a theoretical surface for indirect prompt injection (Category 8), the skill does not contain malicious logic and encourages the agent to clarify goals and validate outcomes with the user.
  • [EXTERNAL_DOWNLOADS]: The skill metadata references a public GitHub repository for its source. GitHub is a well-known service, and the reference is for informational purposes rather than for downloading unverified executable code at runtime.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 08:01 PM
Security Audit — agent-trust-hub — dx-optimizer