Skills
skills/joaquimscosta/arkhe-claude-plugins/design-review/Gen Agent Trust Hub

design-review

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches the axe-core accessibility testing library from Cloudflare's CDN (cdnjs.cloudflare.com) during the automated audit phase. This is a standard practice for web testing tools.
  • [COMMAND_EXECUTION]: Uses shell commands to create output directories (mkdir -p) and perform Git analysis (git status, git diff, git log) to gather context for the design review.
  • [REMOTE_CODE_EXECUTION]: Dynamically injects and executes the axe-core JavaScript engine into the browser environment using playwright-cli eval. This is restricted to the testing environment.
  • [COMMAND_EXECUTION]: Automatically executes Git commands when the skill is loaded to populate the agent's context with recent changes and repository status.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 10:55 AM
Security Audit — agent-trust-hub — design-review