add-icon
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches kit configuration from 'kit.fontawesome.com' and metadata from 'api.fontawesome.com'. These are official domains for Font Awesome services and are used for legitimate configuration purposes.
- [COMMAND_EXECUTION]: The skill executes local Python scripts (
latest-version.py,icon-exists.py,fetch-kit.py) to manage icon data. These scripts are bundled with the skill or its associated project and perform non-dangerous metadata operations. - [COMMAND_EXECUTION]: The skill uses a subagent to explore the local project directory for configuration files (
package.json,.font-awesome.md) and code patterns to determine the integration method. This is standard behavior for an IDE-style agent skill. - [DATA_EXFILTRATION]: No sensitive data is transmitted externally. Network operations are limited to fetching public or token-authenticated icon metadata from trusted vendor domains.
Audit Metadata