artifacts-builder
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill executes shell scripts to initialize projects and bundle code. These operations are limited to the project directory and use standard package managers (pnpm/npm).
- EXTERNAL_DOWNLOADS (SAFE): Downloads are restricted to well-known, trusted registries (npm registry) for standard development dependencies (React, Tailwind, Lucide, Radix UI).
- DATA_EXFILTRATION (SAFE): No network operations to unknown or suspicious domains were found. All network activity is related to package installation from official registries.
- NO_CODE (SAFE): The skill uses scripts for development automation; it does not contain obfuscated code or unauthorized privilege escalation attempts.
Audit Metadata