component-library

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a Python utility scripts/generate-component.py designed to automate component scaffolding by creating directories and writing boilerplate files.
      • Evidence: The script takes a name argument and constructs file paths: component_file = output_dir / f"{templates['kebab_case']}.tsx".
      • Context: While this is the intended functionality, the script does not sanitize the input name, which theoretically permits path traversal sequences (e.g., ../) that could result in files being written outside the intended directory.
  • [EXTERNAL_DOWNLOADS]: The skill references and recommends numerous third-party libraries for UI and testing.
      • Evidence: SKILL.md and reference files list dependencies such as @radix-ui/react-dialog, framer-motion, and @tanstack/react-table.
      • Context: These are widely used, reputable packages from the official NPM registry and are consistent with the skill's purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 10:06 AM