Skills
skills/qdbin/ai-skills/web-artifacts-builder/Gen Agent Trust Hub

web-artifacts-builder

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The initialization and bundling scripts download numerous standard development packages (e.g., Vite, Tailwind CSS, Radix UI, Parcel) from the official npm/pnpm registries.
  • [COMMAND_EXECUTION]: The skill uses shell scripts (scripts/init-artifact.sh and scripts/bundle-artifact.sh) to perform common development tasks:
  • Invokes pnpm to initialize projects and manage dependencies.
  • Executes node -e to programmatically update configuration files like tsconfig.json during setup.
  • Uses tar to extract a local components archive into the project structure.
  • Uses sed for minor text replacements in generated HTML templates.
  • [PROMPT_INJECTION]: The skill contains instructional language regarding 'AI slop' and design guidelines which are benign and do not attempt to override agent safety or system instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 09:38 AM