mf-perf
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local commands using Node.js and the system's package manager (e.g., npm) to install development dependencies like '@typescript/native-preview'. These actions are initiated only after explicit user confirmation and operate within the local project environment.
- [EXTERNAL_DOWNLOADS]: The skill downloads the '@typescript/native-preview' package from the official npm registry. This is a well-known service, and the package is a standard development dependency related to the skill's purpose of optimizing TypeScript type generation.
- [DATA_EXPOSURE]: The script 'performance-check.js' processes a context object containing project metadata (like bundler name and dependencies) to provide performance advice. It outputs this information to the local console for the user and does not transmit data to any external network or remote server.
Audit Metadata