dependency-audit
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides instructions for using industry-standard package manager tools (
npm,pnpm) and well-known security scanning services (Snyk,GitHub Dependabot). - [SAFE]: External references target trusted and well-known domains including
npmjs.com,github.com, andsnyk.iofor documentation and official security advisories. - [SAFE]: CI/CD configuration examples (GitHub Actions) utilize official actions from verified organizations (
actions/checkout,actions/setup-node,snyk/actions) and demonstrate secure secret management using GitHub secrets placeholders. - [SAFE]: No malicious patterns such as prompt injection, unauthorized data access, or obfuscation were identified in the instructions or scripts.
Audit Metadata