ui-clone

The skill aims to automate UI cloning from PageFlows screenshots into a Next.js/Tailwind scaffold and bundle it as a reusable AI agent skill. Its footprint is generally coherent with its stated purpose, focusing on local artifact generation and a browser-authenticated workflow. However, credential handling (local PageFlows auth state) and the explicit use of eval in the critical rules introduce non-trivial security considerations. The toolchain is largely benign if used locally with proper secrets management, but the combination of local credential storage and browser-driven authentication elevates risk to a cautious level. Treat as SUSPICIOUS if credentials are not isolated or if the eval directive is ever executed against untrusted input; otherwise, BENIGN with standard development-time risks.