agent-ui
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves component definitions and SDKs from the vendor's official domain (ui.inference.sh) and package registry (@inferencesh/sdk). These are trusted resources within the vendor's ecosystem.
- [CREDENTIALS_UNSAFE]: The documentation correctly guides developers to use environment variables and an API proxy route for the INFERENCE_API_KEY, ensuring that sensitive credentials remain on the server and are not exposed to the browser.
- [COMMAND_EXECUTION]: Installation steps use standard package manager commands (npm, npx) to integrate the component and its dependencies. These commands target specific, well-known vendor resources.
Audit Metadata