frontend-mix-plan

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to transform input data (context and specs) into a structured markdown document. It uses the Read tool to ingest local files and generates a new plan file in the .claude/artifacts/ directory.
  • [SAFE]: No network operations, credential handling, or sensitive system file access patterns were detected. The skill mentions third-party services (like Vercel, Fly.io, Clerk) only as examples for the generated deployment plan, not as active integration targets during execution.
  • [SAFE]: There are no signs of obfuscation, dynamic code execution, or remote script downloads.
  • [SAFE]: While the skill processes external data (the context and spec files), which is a common surface for Indirect Prompt Injection, the scope of its actions (reading and writing text files) and its specific instructions for structure and headers minimize the risk of malicious instruction execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 11:38 PM
Security Audit — agent-trust-hub — frontend-mix-plan