web-artifacts-builder
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell scripts (
init-artifact.sh,bundle-artifact.sh) to automate the creation and management of web projects. These scripts execute standard system commands such aspnpm,tar,sed, andduto manage files and dependencies. - [EXTERNAL_DOWNLOADS]: During initialization, the scripts download well-known frontend development packages (React, Vue, Vite, Tailwind CSS, shadcn/ui components) from the official npm registry. These are standard dependencies for modern web development.
- [DYNAMIC_EXECUTION]: The scripts use
node -eto execute small JavaScript snippets for modifyingtsconfig.jsonand other configuration files. This is a standard practice for programmatic configuration management in development environments. - [SAFE]: No sensitive data access, exfiltration patterns, obfuscation, or persistence mechanisms were detected. The skill follows standard development workflows for bootstrapping and building frontend applications.
Audit Metadata