Skills
skills/cloudcannon/agent-skills/cloudcannon-visual-editing/Gen Agent Trust Hub

cloudcannon-visual-editing

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's setup script (scripts/setup-editable-regions.sh) installs the @cloudcannon/editable-regions package from a public registry. This is an official vendor package used for the integration.
  • [COMMAND_EXECUTION]: The scripts/setup-editable-regions.sh script executes shell commands to automate the integration process. This includes:
  • Using npm, yarn, or pnpm to install dependencies.
  • Using sed to modify astro.config.mjs or astro.config.ts to add the required integration and imports.
  • Using mkdir and cat to create boilerplate configuration files in the project directory.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes client-side JavaScript that hydrates at runtime within the CloudCannon Visual Editor to enable live re-rendering. This is the core functionality of the library and is restricted to the editor's iframe environment.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 08:14 AM
Security Audit — agent-trust-hub — cloudcannon-visual-editing