frontend
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The script 'scripts/perfection/lighthouse-audit.py' contains documentation and instructions to install the 'uv' package manager via a shell-piped command from 'astral.sh'. This is the standard installation method for a well-known developer tool and is considered safe under the trusted service rule.
- [COMMAND_EXECUTION]: The 'lighthouse-audit.py' script uses 'subprocess.run' to install global Node.js dependencies ('lighthouse', 'chrome-launcher') and to execute local system commands for performance auditing. These operations are core to the skill's primary function of site auditing.
- [EXTERNAL_DOWNLOADS]: The skill instructions in 'references/design/README.md' and related files suggest downloading and initializing developer tools such as 'react-grab', 'react-scan', and 'react-doctor' from the 'unpkg.com' content delivery network. These are reputable tools from known developers in the React ecosystem.
- [PROMPT_INJECTION]: A surface for indirect prompt injection exists in the 'design-system' hierarchical retrieval pattern described in 'references/ui-ux-db/README.md'. The skill generates and reads from local files ('MASTER.md' and page-specific overrides) to guide the agent's behavior. While this creates an ingestion surface for untrusted data if the project files are tampered with, it is the intended mechanism for maintaining design consistency.
- [COMMAND_EXECUTION]: The 'references/ui-ux-db/scripts/design_system.py' script handles the persistence of design tokens to the local file system, enabling the agent to maintain a 'Global Source of Truth' for visual styles.
Audit Metadata