component-gen
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected in the skill instructions.
- [COMMAND_EXECUTION]: The skill provides instructions for executing the ai-component tool via npx, which is a standard and transparent execution method for Node.js developer tools.
- [EXTERNAL_DOWNLOADS]: The skill references the ai-component package from the official npm registry, which is a trusted repository for developer dependencies.
- [CREDENTIALS_UNSAFE]: The documentation correctly identifies that an OpenAI API key is required but assumes it is managed through environment variables rather than hardcoding or requesting unsafe storage.
Audit Metadata