CreateCLI

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs shell commands to send localized notifications to a service on localhost:31337. This is used to provide voice or system feedback to the user during workflow execution.
  • [COMMAND_EXECUTION]: The skill logs its activity by appending JSONL metadata to a local file at ~/.claude/PAI/MEMORY/SKILLS/execution.jsonl. This is a standard persistence-less logging mechanism for auditing purposes.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes bun add commander to integrate a well-known and widely trusted CLI framework when upgrading a project's complexity tier.
  • [SAFE]: The generated code templates explicitly follow security best practices by loading sensitive configuration (like API keys) from externalized .env files rather than hardcoding them into scripts.
  • [SAFE]: The skill includes instructions for validating generated code and documentation before deployment, including automated quality gates for TypeScript compilation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 03:33 PM
Security Audit — agent-trust-hub — CreateCLI