extract-design-system
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate web scraping and design analysis as described in its documentation.
- [SAFE]: The extraction script includes explicit protection against path traversal attacks by validating that the output directory remains within the current working directory.
- [SAFE]: The script uses a visible browser (headed mode) for extraction, which provides transparency by allowing the user to monitor the automated actions in real-time.
- [COMMAND_EXECUTION]: The skill requires standard developer operations, such as installing Playwright and running a local Node.js script, which are appropriate for the tool's purpose.
- [DATA_EXPOSURE]: The skill writes extracted design tokens and screenshots to the local file system and can access localhost for development purposes; these actions are consistent with its primary functionality.
Audit Metadata