skills/adeonir/agent-skills/craft-ui/Gen Agent Trust Hub

craft-ui

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill launches a local preview server (scripts/render-server.ts) using the bun runtime. The server is configured to listen only on the local loopback interface (127.0.0.1) and includes logic to prevent path traversal outside the designated session directory.
  • [COMMAND_EXECUTION]: The instructions include a command to modify .git/info/exclude. This ensures that the .artifacts folder, which stores temporary HTML variants, is not tracked by the user's local git repository.
  • [EXTERNAL_DOWNLOADS]: In the 'audit' mode, the agent uses the WebFetch tool to retrieve the content of running websites for analysis of accessibility, performance, and responsiveness.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 09:06 PM
Security Audit — agent-trust-hub — craft-ui