bundle-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill follows established best practices for JavaScript build optimization and bundle analysis.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing well-known development tools from the npm registry, such as webpack-bundle-analyzer and rollup-plugin-visualizer. These are standard packages from trusted ecosystem sources.
- [COMMAND_EXECUTION]: Uses basic bash commands (grep, file existence checks) to identify the project's build tool. These operations are restricted to local configuration analysis and do not involve remote or untrusted data execution.
- [DATA_EXFILTRATION]: No network requests or data transmission logic was found. External script references in documentation point to official CDN services (jsDelivr) for educational purposes.
Audit Metadata