ui-review
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
ripgrep(rg) via theBashtool to perform automated checks on frontend source files. The commands are constructed with static search patterns and target specific project directories, which is consistent with its stated purpose. - [DATA_EXPOSURE]: The skill uses the
Readtool andrgto examine files within theapps/frontend/directory and design documentation. This access is limited to project-related UI code and does not involve sensitive configuration files or personal data. - [REMOTE_CODE_EXECUTION]: While the skill's tool definitions include permission for
npmcommands, the actual instructions only utilizerg. No external packages are installed, and no remote scripts are downloaded or executed.
Audit Metadata