Skills
skills/vibeeval/vibecosystem/supply-chain-security/Gen Agent Trust Hub

supply-chain-security

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary purpose is security auditing and its functions align with that goal. It uses standard development tools and libraries.
  • [COMMAND_EXECUTION]: The skill uses shell commands and script execution (execSync, node -e, npm show) to perform audits. This is expected behavior for an auditing tool scanning local project files and package registries.
  • [DATA_EXPOSURE]: The skill reads project configuration files like package.json and node_modules content. These operations are performed locally for analysis and do not involve sensitive system secrets or unauthorized external transmission of data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 23, 2026, 09:03 AM
Security Audit — agent-trust-hub — supply-chain-security