purgetss
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
Bash(purgetss *)andBash(node *)tools to perform project initialization, build styling utilities, and manage assets. These high-privilege operations are necessary for the skill's purpose as a developer utility and are explicitly documented for user transparency. - [EXTERNAL_DOWNLOADS]: The skill manages dependencies via the NPM registry, including
purgetssandtikit. These are vendor resources owned by the author 'maccesar'. Other dependencies liketailwindcssandeslintare standard industry tools from well-known services. - [PERSISTENCE_MECHANISMS]: The tool automates the addition of pre-compile hooks in
alloy.jmkto ensure styling updates are synchronized with app builds. This is a functional feature of the PurgeTSS workflow rather than a malicious persistence attempt. - [SAFE]: No patterns of prompt injection, data exfiltration, or obfuscation were identified. The behavior of the skill aligns perfectly with its stated purpose as a utility-first styling toolkit.
Audit Metadata