best-practices
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a collection of documentation and code examples aimed at teaching best practices for web development. It does not contain executable code that would perform unauthorized actions.
- [EXTERNAL_DOWNLOADS]: The documentation includes a reference to
polyfill.ioin a code snippet. While this was historically a well-known service, it was involved in a supply chain attack in 2024. This is a best-practice violation for current development but is not a sign of malicious intent within the skill itself. - [COMMAND_EXECUTION]: Provides examples of standard development commands like
npm auditandnpm update. These are intended for users to run manually for security maintenance and are not automated malicious executions.
Audit Metadata