oma-frontend
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill establishes a strict authentication boundary, mandating client-side only auth UI and stateless JWT/JWE tokens while explicitly forbidding the use of server-side libraries or database adapters.
- [SAFE]: All listed dependencies (e.g., TanStack Query, Jotai, Zod, Better Auth) are well-known, industry-standard libraries for modern web development.
- [SAFE]: The execution protocol includes a safety-critical instruction in the error playbook, requiring the agent to report missing dependencies for manual intervention rather than attempting to install them autonomously.
- [SAFE]: The skill enforces the FSD-lite architectural pattern, which minimizes security risks related to complex cross-dependency chains and unintended data leaks between features.
- [SAFE]: Accessibility is treated as a core requirement, with a mandatory checklist for ARIA labels, semantic HTML, and keyboard navigation to prevent common UX-related security issues.
Audit Metadata