Skills
skills/forcedotcom/afv-library/mobile-platform-offline-validate/Gen Agent Trust Hub

mobile-platform-offline-validate

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads the @salesforce/eslint-plugin-lwc-graph-analyzer and eslint packages from the npm registry via a shell script. These are official development tools from the vendor's ecosystem (Salesforce/forcedotcom) or widely recognized industry standards.
  • [COMMAND_EXECUTION]: The skill executes a shell script (scripts/run-komaci.sh) to perform the analysis. The script manages local dependency installation and runs the ESLint binary against user-provided LWC source files. Proper quoting is used for file paths to prevent command injection.
  • [REMOTE_CODE_EXECUTION]: No unauthorized or suspicious remote code execution was detected. All external code is sourced from well-known package registries and is consistent with the skill's stated purpose of static code analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 12:31 PM
Security Audit — agent-trust-hub — mobile-platform-offline-validate