product-design
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill incorporates explicit safety protocols in its reference files, specifically instructing the agent to never store secrets, credentials, API keys, or private tokens within the plugin's state directory.
- [SAFE]: Implements a 'Safety Gate' for URL-to-code workflows, mandating that the agent warn users and confirm they have legal permission to recreate target website content before proceeding.
- [COMMAND_EXECUTION]: Executes included local scripts (init_user_context.py, user_context_preflight.py, and bootstrap-prototype.mjs) to manage user-specific design context and automate project scaffolding.
- [EXTERNAL_DOWNLOADS]: Instructs the agent to perform standard development operations, such as running 'npm install' to download official, well-known frontend dependencies (React, Vite, Lucide-React) from the public NPM registry.
Audit Metadata