bump-version
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate functionality for managing project versions across multiple configuration files. It follows the principle of least privilege by restricting modifications to specific version fields.
- [COMMAND_EXECUTION]: The skill uses the
grepcommand to read version information from local files (package.json,.claude-plugin/plugin.json, and.sd0x/install-state.json). This is a standard, non-malicious operation used to retrieve existing metadata. - [DATA_EXPOSURE_AND_EXFILTRATION]: Accesses project-specific configuration files to update version numbers. The access is limited to standard configuration paths and does not involve sensitive directories (e.g., .ssh, .aws) or credentials. There are no network operations detected that could facilitate data exfiltration.
Audit Metadata