fe-design-implement

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a bundled local Node.js script located at ~/.claude/skills/fe-design-verify/vrt.mjs to perform visual comparisons. This is a transparent and integral part of the documented workflow.
  • [EXTERNAL_DOWNLOADS]: The skill identifies and prompts for the installation of standard, well-known development packages (sharp, playwright, pixelmatch, pngjs) from official registries. It also references font stylesheets from a well-known source (rsms.me).
  • [CREDENTIALS_UNSAFE]: While the skill requires a Figma access token, it follows security best practices by instructing the user to manage it via environment variables rather than hardcoding it or requesting it directly.
  • [SAFE]: The skill's operations, including Figma API interactions and local file modifications, are consistent with its stated purpose. No patterns of data exfiltration or unauthorized system access were found.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 08:37 AM