create-chatgpt-mockup

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The screenshot.js file utilizes the execSync method to run npx playwright install chromium. This logic ensures that the required Chromium browser binaries are available for the headless rendering process, which is a standard operational procedure for the Playwright library.
  • [EXTERNAL_DOWNLOADS]: The skill's setup process triggers downloads of browser engines from official Playwright/Microsoft repositories. These resources are necessary for the browser-based screenshot functionality and originate from a trusted technology provider.
  • [COMMAND_EXECUTION]: The render.js script manages file system interactions, including reading input JSON files, creating output directories, and writing generated files. It also resolves relative paths for user-provided assets to local file:// URIs, allowing the rendering engine to include local images in the final mockups.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — create-chatgpt-mockup