deps-migrate

Warn

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [DYNAMIC_EXECUTION]: In Phase 4, the skill creates a temporary environment in /tmp where it generates and executes a shell script (test-runner.sh) to verify code migration snippets. This involves executing agent-generated logic against code analyzed from the repository.
  • [COMMAND_EXECUTION]: The skill identifies and executes arbitrary commands defined in the project's configuration, such as scripts in package.json (test, lint, build, typecheck) and commands parsed from CI configuration files like GitHub Actions, GitLab CI, or CircleCI.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It ingests untrusted data from repository files (source code, lockfiles, CI configs) and external documentation (via search or Context7). It lacks specified boundary markers or sanitization logic for this data, which is subsequently used to influence migration plans and script generation in an environment with broad capabilities.
  • [COMMAND_EXECUTION]: The workflow involves running package manager CLI tools (npm, pnpm, yarn, bun, cargo, pip, etc.) and framework-specific migration utilities like npx react-codemod and @angular/cli to modify the local environment and dependencies.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 21, 2026, 09:59 AM