arch-tsdown-cli
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill templates and CI configuration (assets/ci.yml) recommend the installation and use of external tools such as @antfu/ni, tsdown, and bumpp, as well as a remote GitHub Action workflow (sxzz/workflows). While these are common in the modern TypeScript ecosystem, the sources are not part of the specified trusted organizations list.
- COMMAND_EXECUTION (INFO): The recommended development workflow involves the use of tsx (references/core-bin-entry.md) to dynamically execute TypeScript source code during development. This is a standard practice for the toolchain and is limited to local development contexts.
Audit Metadata