web-frameworks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [SAFE] (SAFE): No malicious instructions, obfuscation, or data exfiltration patterns were detected. The skill is entirely informational and follows standard technical documentation practices.
- [NO_CODE] (SAFE): Although the documentation references utility scripts for automation (e.g., nextjs-init.py), these files are not present in the skill package, preventing any unintended code execution or potential script-based vulnerabilities.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill encourages the use of standard package managers like npm and npx for project initialization. These references are directed at official and trusted ecosystem registries.
- [REMOTE_CODE_EXECUTION] (SAFE): Documentation mentions project scaffolding via 'npx'. While this involves executing remote scripts, the context is restricted to official, trusted tools from Vercel and the React ecosystem, which are industry-standard for web development.
Audit Metadata