senior-frontend
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Overall Security] (SAFE): The skill provides structural skeletons for frontend development tools (scaffolding, analysis, generation) and associated reference guides. All analyzed Python scripts are boilerplate implementations that perform basic path validation and empty analysis loops without executing dangerous operations.
- [Dependency Management] (SAFE): While the documentation mentions
npm installandpip install, nopackage.jsonorrequirements.txtfiles are included in the skill, preventing any immediate third-party risk assessment. The commands themselves are standard practice for the described use case. - [Data Handling] (SAFE): No instances of hardcoded credentials, sensitive file access (like SSH keys or AWS configs), or external network requests were found in any of the scripts or markdown files.
- [Indirect Prompt Injection] (SAFE): While the scripts are designed to process local project files (an ingestion surface), they currently lack logic that would parse or execute content from those files, effectively nullifying the current risk of indirect injection.
Audit Metadata