app-builder
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to run project initialization and dependency installation commands (e.g., npx create-next-app, npm install, pip install). These actions are essential and appropriate for the skill's primary objective of application scaffolding.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to download and install third-party dependencies from official registries like npm and PyPI. All referenced packages, such as Next.js, FastAPI, Prisma, and Stripe, are well-known and trusted technology components.
- [DATA_EXFILTRATION]: The skill handles configuration for sensitive services (e.g., Stripe and Resend) by guiding the user to use environment variables and .env files. This aligns with security best practices for avoiding hardcoded credentials.
Audit Metadata