tanstack-start
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill's primary purpose is to provide a legitimate architectural blueprint for application development using reputable open-source frameworks.
- [EXTERNAL_DOWNLOADS]: The workflow involves fetching standard, well-known libraries and developer tools from official package registries, such as TanStack, React, Drizzle, and Cloudflare Wrangler.
- [COMMAND_EXECUTION]: The skill uses standard CLI operations for project initialization, local server management, and production deployment via pnpm and wrangler.
- [CREDENTIALS_UNSAFE]: The skill correctly handles sensitive information by directing the agent to use .dev.vars (excluded via .gitignore) for local credentials and recommending the use of wrangler's secure secret storage for production environment variables.
Audit Metadata