web-artifacts-builder
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell scripts (init-artifact.sh and bundle-artifact.sh) to automate the initialization and building of web projects. It executes standard development tools such as pnpm, npm, sed, and node for environment setup, file manipulation, and project configuration.
- [EXTERNAL_DOWNLOADS]: The initialization process downloads verified frontend development libraries and tools from the official NPM registry, including Vite, Tailwind CSS, and various Radix UI components. These downloads are performed using standard package managers and target well-known, trusted libraries.
- [SAFE]: No malicious patterns, such as prompt injection, unauthorized data access, or obfuscation, were detected. The skill's behavior is consistent with its stated purpose of assisting in the creation of complex web artifacts.
Audit Metadata