nicelicense
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to run the
nicelicensepackage from the npm registry usingnpx.- [COMMAND_EXECUTION]: Executes shell commands to automate license operations, including writing to the filesystem and updating project configuration files.- [PROMPT_INJECTION]: Potential for indirect prompt injection when the agent processes data from project files during license validation. - Ingestion points: Reads local
LICENSEfiles via the--validateflag. - Boundary markers: Absent.
- Capability inventory: File system writes and
package.jsonmodifications via thenicelicensetool. - Sanitization: Not specified.
Audit Metadata