app-dev
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
shelltool to executefdk validateandfdk run. This is necessary for its core functionality of providing real-time feedback and validation for Freshworks applications during the development process. - [EXTERNAL_DOWNLOADS]: The provided templates and documentation reference UI components (Crayons) and the FDK CLI hosted on trusted vendor domains (
cdn.freshdev.io) and well-known CDNs (cdn.jsdelivr.net,unpkg.com). These downloads are standard for the Freshworks development ecosystem and are documented neutrally. - [SAFE]: The skill includes a dedicated security enforcement layer (
.cursor/rules/security.mdc) that actively instructs the agent to prevent common vulnerabilities like XSS, command injection, and improper logging of secrets in the applications it helps create. It also provides a cleanup script (scripts/cleanup_old_rules.sh) for managing local rule files in a targeted and safe manner.
Audit Metadata