frontend-development
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill involves executing standard development commands such as 'next build', 'npx vite-bundle-visualizer', and pre-commit hooks via 'husky' for linting and testing.
- [EXTERNAL_DOWNLOADS]: The project setup and optimization phases include installing well-known frontend frameworks and libraries from the npm registry, such as React, Tailwind CSS, and TanStack Query.
- [PROMPT_INJECTION]: The skill processes design artifacts (Figma handoffs, token specs) which constitutes an indirect prompt injection surface. 1. Ingestion points: 'SKILL.md' (design packages). 2. Boundary markers: No explicit delimiters identified. 3. Capability inventory: Extensive file system access for code generation as defined in 'SKILL.md'. 4. Sanitization: No explicit sanitization of input data identified.
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill follows industry best practices for frontend development and includes a robust human review gate.
Audit Metadata