electron-scaffold
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands and a dedicated script (
scripts/scaffold.sh) to initialize Electron projects, manage file structures, and perform git operations. - [EXTERNAL_DOWNLOADS]: The skill triggers the download of project templates and library dependencies from the npm registry using standard tools like
npm initandnpm install. These resources originate from well-known community sources and official package repositories. - [SAFE]: The code generation and scaffolding behavior are the primary and intended functions of the skill. The skill provides extensive documentation on security best practices, including context isolation and Content Security Policy (CSP) implementation.
Audit Metadata