product-design

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill incorporates explicit safety protocols in its reference files, specifically instructing the agent to never store secrets, credentials, API keys, or private tokens within the plugin's state directory.
  • [SAFE]: Implements a 'Safety Gate' for URL-to-code workflows, mandating that the agent warn users and confirm they have legal permission to recreate target website content before proceeding.
  • [COMMAND_EXECUTION]: Executes included local scripts (init_user_context.py, user_context_preflight.py, and bootstrap-prototype.mjs) to manage user-specific design context and automate project scaffolding.
  • [EXTERNAL_DOWNLOADS]: Instructs the agent to perform standard development operations, such as running 'npm install' to download official, well-known frontend dependencies (React, Vite, Lucide-React) from the public NPM registry.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 07:14 PM
Security Audit — agent-trust-hub — product-design