Skills
skills/popup-studio-ai/bkit-claude-code/desktop-app/Gen Agent Trust Hub

desktop-app

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: Provides standard command-line instructions for project initialization and build processes using well-known tools like npm.
  • [EXTERNAL_DOWNLOADS]: References official project templates and installers from trusted sources, including the npm registry and official framework repositories.
  • [PROMPT_INJECTION]: The skill acts as an instruction set for generating code based on user-provided descriptions, creating a surface for potential indirect prompt injection.
  • Ingestion points: Processes user-provided app descriptions and feature requests through provided templates.
  • Boundary markers: No specific delimiters or "ignore embedded instructions" markers are utilized in the instruction templates.
  • Capability inventory: Utilizes Bash, Write, and Edit tools to create and modify local project files based on the guide's logic.
  • Sanitization: The guide includes a dedicated security checklist recommending the use of contextBridge to avoid direct Node.js API exposure and suggesting encryption for sensitive data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 01:28 PM