Skills
skills/fradser/dotclaude/critique/Gen Agent Trust Hub

critique

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses npx impeccable to run a deterministic design detector against source files and to start a local visualization server.
  • [EXTERNAL_DOWNLOADS]: The use of npx impeccable implies the potential download and execution of the impeccable package from the npm registry if it is not already present in the environment.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes browser automation tools to inject a JavaScript payload (detect.js) from a locally hosted server (http://localhost:PORT/detect.js) into the target web page's context to render visual overlays of design issues.
  • [DATA_EXPOSURE]: The skill reads the console output of the browser (read_console_messages) to retrieve findings from the injected detector script, which is a standard method for programmatic interaction with browser-based tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 05:42 AM
Security Audit — agent-trust-hub — critique