Skills
skills/vdustr/skills/vp-deps-upgrade/Gen Agent Trust Hub

vp-deps-upgrade

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill automates dependency management by executing package manager commands such as npm, pnpm, yarn, cargo, pip, and go to perform version bumps and installations.
  • [COMMAND_EXECUTION]: Phase 4 involves generating and running a test-runner.sh script within an isolated /tmp directory to validate code migrations before they are applied to the project.
  • [EXTERNAL_DOWNLOADS]: The skill fetches package metadata, releases, and documentation from well-known services including the npm registry and GitHub's API.
  • [REMOTE_CODE_EXECUTION]: In Phase 3.5, the workflow includes running official migration tools (codemods) such as react-codemod and @angular/cli using npx, which executes code from the official npm registry.
  • [COMMAND_EXECUTION]: The skill utilizes the gh CLI to interact with GitHub for checking out pull request branches, fetching repository metadata, and monitoring CI status.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 11:53 AM