caffeine-app
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the use of standard development CLI tools, including global installation of the Caffeine CLI via
npm install -g @caffeineai/cliand environment maintenance viacaffeine doctor --fix. These commands are routine for setting up a specialized developer toolchain. - [EXTERNAL_DOWNLOADS]: The project templates incorporate a wide range of official and industry-standard Node.js packages (e.g., React, Vite, Tailwind, Radix UI, TanStack Query) and vendor-specific Motoko dependencies via the
mopspackage manager. All referenced external resources are consistent with building modern web applications on the Internet Computer. - [DATA_EXFILTRATION]: The skill describes the
caffeine preview --buildcommand, which uploads a compiled draft of the application to the caffeine.ai cloud for hosting and preview. This is a primary functionality of the service and is clearly documented for the user. - [SAFE]: The project structure, manifest configurations (
caffeine.toml,mops.toml), and build scripts follow established patterns for the Dfinity/ICP ecosystem. No malicious obfuscation, privilege escalation, or security bypass patterns were detected in the instructions or templates.
Audit Metadata