Skills
skills/cloudsen/eliteforge-skills/eliteforge-frontend-generator/Gen Agent Trust Hub

eliteforge-frontend-generator

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script scripts/create_frontend_project.py which uses the subprocess.run function to invoke the onebase-cli tool for project creation. This is the primary intended functionality of the skill.
  • [COMMAND_EXECUTION]: The workflow includes a step to run pnpm i inside the newly created project directory to initialize its dependencies.
  • [EXTERNAL_DOWNLOADS]: Running pnpm i fetches packages from the NPM registry, which is a well-known service for JavaScript development.
  • [COMMAND_EXECUTION]: User-provided naming fields (company, product, and service names) are used to construct command-line arguments. The script implements security controls by either validating the input against a strict kebab-case regex or applying a slugification function that filters out shell metacharacters.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 07:37 AM