frontend-magic-ui
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill utilizes
npx magicui-cli@latestto add components. This pattern involves downloading and executing code from the npm registry at runtime. Although this is the standard workflow for the Magic UI library, it introduces a dependency on external unverified packages. The severity is set to LOW because this action is essential to the skill's primary stated purpose. - [COMMAND_EXECUTION] (LOW): The skill requires broad terminal access (
Bash (*)) to run component installation and development commands. While typical for frontend development skills, users should exercise caution as this allows for arbitrary command execution within the agent's environment.
Audit Metadata