Skills
skills/subframeapp/subframe/setup/Gen Agent Trust Hub

setup

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Executes @subframe/cli from npm via npx. This is the official command-line interface provided by the vendor (SubframeApp) for project scaffolding.
  • [COMMAND_EXECUTION]: Runs shell commands to initialize the project (npx @subframe/cli init) and start the development server (npm run dev). These commands handle project-specific parameters like Project IDs and Auth tokens.
  • [EXTERNAL_DOWNLOADS]: Configures font links pointing to Google Fonts (fonts.googleapis.com and fonts.gstatic.com), which are well-known and trusted external services.
  • [EXTERNAL_DOWNLOADS]: Uses MCP tools to communicate with Subframe's web platform (app.subframe.com) to retrieve project lists and authentication tokens.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 03:35 PM