web-artifacts-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes bash scripts to automate the scaffolding and bundling of web artifacts. It uses standard utilities like 'sed', 'tar', and 'cat' to manage project files and configurations.
- [EXTERNAL_DOWNLOADS] (SAFE): The initialization and build scripts download legitimate packages from the official npm registry. The packages include well-known libraries like React, Tailwind CSS, and shadcn/ui components.
- [REMOTE_CODE_EXECUTION] (SAFE): The setup process uses 'pnpm create vite' to initialize the project, which is the standard, trusted method for creating Vite applications. All executions are confined to the project environment.
Audit Metadata