electron-egg
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill instructs users to download the framework via
git clone https://gitee.com/dromara/electron-egg.gitand subsequently runnpm install. Because Gitee is not included in the 'Trusted External Sources' list, these instructions promote the execution of unverifiable code from an external repository. - COMMAND_EXECUTION (LOW): The skill provides numerous shell commands for building and developing applications (e.g.,
npm run build,npm run dev). While these are standard for Node.js development, they are instructions for executing local code which should be verified by the user. - DATA_EXPOSURE & EXFILTRATION (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network exfiltration patterns were detected. All network references (kaka996.com) appear related to official documentation.
Audit Metadata