starter-cleaner
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
run_commandtool to execute a local JavaScript file (scripts/clean.js) to automate the project cleanup process. - [SAFE]: The cleanup script uses hardcoded relative paths to remove specific template-related assets (such as
docs,src/subPages, andpnpm-workspace.yaml), ensuring that file deletions are confined to the intended targets. - [SAFE]: Modifications to
vite.config.tsandpackage.jsonare performed through standard regular expression matching and JSON object manipulation, with no evidence of dynamic code generation or malicious logic. - [SAFE]: No external network requests, remote script downloads, or obfuscation techniques were detected in the skill's code or metadata.
Audit Metadata