artifacts-builder

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The initialization script attempts to install the pnpm package manager globally (npm install -g pnpm) if it is not detected on the host system.
  • [COMMAND_EXECUTION]: The skill uses node -e to perform inline JavaScript execution for programmatic modification of JSON configuration files during project setup.
  • [EXTERNAL_DOWNLOADS]: The scripts facilitate the download and installation of numerous standard frontend development dependencies and build tools from the official NPM registry.
  • [COMMAND_EXECUTION]: The skill dynamically generates several configuration files (e.g., tailwind.config.js, vite.config.ts, .parcelrc) by writing predefined templates from shell scripts to the local file system.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 06:40 AM
Security Audit — agent-trust-hub — artifacts-builder