artifacts-builder
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The initialization script attempts to install the
pnpmpackage manager globally (npm install -g pnpm) if it is not detected on the host system. - [COMMAND_EXECUTION]: The skill uses
node -eto perform inline JavaScript execution for programmatic modification of JSON configuration files during project setup. - [EXTERNAL_DOWNLOADS]: The scripts facilitate the download and installation of numerous standard frontend development dependencies and build tools from the official NPM registry.
- [COMMAND_EXECUTION]: The skill dynamically generates several configuration files (e.g.,
tailwind.config.js,vite.config.ts,.parcelrc) by writing predefined templates from shell scripts to the local file system.
Audit Metadata