appbuilder-project-init
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is developed by Adobe and exclusively utilizes official Adobe tools, templates, and libraries. All external resources originate from trusted sources, including the @adobe scope on the npm registry and Adobe's official CLI distribution channels.
- [COMMAND_EXECUTION]: The skill uses a bash script (
scripts/init.sh) to wrap theaioCLI. While it interpolates user-provided arguments such as project names and template identifiers into shell commands, this behavior is necessary for the skill's primary function of project initialization. The script includes robust error handling and outputs results in a structured JSON format. - [EXTERNAL_DOWNLOADS]: The skill initiates downloads of project templates and CLI updates from the npm registry and official Adobe repositories. These operations are performed as part of standard development workflows and target verified, well-known vendor infrastructure.
Audit Metadata