hence-share
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/capture.pyutilizes thesubprocessmodule to runnpx playwright, which automates screenshot capture for project showcasing. - [EXTERNAL_DOWNLOADS]: The screenshot capture workflow uses
npx, which may download the Playwright package and its dependencies from the well-known NPM registry. - [DATA_EXFILTRATION]: Project details, metadata, and local screenshot files are uploaded to the vendor's API at
https://hence.shas part of the intended project-sharing functionality.
Audit Metadata