Skills
skills/elsahafy/skills/web-artifacts-builder/Gen Agent Trust Hub

web-artifacts-builder

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The initialization script (init-artifact.sh) and bundling script (bundle-artifact.sh) execute shell commands to manage the development environment and project files. The scripts use npm, pnpm, sed, and tar to install tools, modify configurations, and extract UI components from a local archive. node -e is used to programmatically update tsconfig.json files with path aliases.
  • [EXTERNAL_DOWNLOADS]: The skill automates the installation of numerous frontend development packages from the official npm registry using pnpm. This includes tools like Vite, Parcel, and Tailwind CSS, as well as libraries from the @radix-ui scope and other common utilities like lucide-react, zod, and date-fns.
  • [REMOTE_CODE_EXECUTION]: The initialization process utilizes pnpm create vite, which downloads and executes the official Vite scaffolding tool to set up the project boilerplate. This is a routine and trusted operation in modern web development workflows.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 12:42 AM