ai-sdk
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [Command Execution Patterns]: The skill uses local commands like
grepandjqto search through documentation and process model lists. It also usescurlto fetch a list of available AI models from a centralized gateway. These are standard operations for development tools aimed at providing up-to-date configuration data. - [External Package Management]: The instructions guide users to install standard libraries from the AI SDK ecosystem (e.g.,
ai,@ai-sdk/react) via established package managers likepnpm. This is a routine part of setting up a development environment for the SDK. - [Data Ingestion Surface]: The skill is designed to search through local
node_modulesand fetch markdown documentation from official project domains. While this represents an ingestion of external content into the agent's context, it is the primary purpose of the skill to provide accurate, documentation-based answers. - [Environment Configuration]: Reference files mention the use of
.env.localfor managing API keys, which aligns with security best practices for local secret management during development.
Audit Metadata