full-stack-master
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes standard local development commands such as
pnpm lint,pnpm typecheck, andVitestfor code quality and testing purposes. These are executed within the local environment as part of the intended development cycle. - [EXTERNAL_DOWNLOADS]: References the use of
pnpm, which is a standard Node.js package manager, to manage project dependencies and run scripts. No unauthorized remote downloads or piped script executions were detected. - [PROMPT_INJECTION]: The workflow involves processing external data from
todo.md,roadmap.md, and user interviews. While this presents a surface for indirect prompt injection, the skill includes mandatory reference to security and testing standards (security.md,testing.md) and incorporates audit steps (security-guardian,code-quality-auditor) to mitigate risks. - [SAFE]: The skill coordinates internal resources and sub-skills (like
nuxt-code-editorandtest-engineer) using structured workflows and relative file paths. It adheres to the author's stated purpose of facilitating full-stack development cooperation.
Audit Metadata