add-package
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard development commands to build, test, and lint packages within a monorepo environment. These include commands like
pnpm run build,pnpm run test, andpnpm run lint. It also utilizes internal monorepo tools such astsgoandremix-test, which is consistent with the skill's purpose for the Remix-run ecosystem. - [COMMAND_EXECUTION]: The validation workflow involves shell command interpolation using the
<package-name>variable (e.g.,pnpm --filter @remix-run/<package-name> run typecheck). This represents a potential command injection surface. The agent should sanitize the package name input to ensure no shell metacharacters are executed.
Audit Metadata