antfu
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill recommends using official and widely-used development tools such as ESLint, Vitest, and pnpm.
- [EXTERNAL_DOWNLOADS]: Recommends GitHub Actions workflows from the sxzz/workflows repository. This is a common practice in the open-source community for sharing and maintaining CI/CD logic across multiple projects.
- [COMMAND_EXECUTION]: Includes a utility script in the monorepo reference to synchronize aliases between a TypeScript config file and project definitions. This script uses the node:fs module for local configuration management, which is a standard build-tooling task.
- [SAFE]: Recommended Git hooks and installation commands utilize security-focused flags like --ignore-scripts to prevent execution of potentially malicious scripts during package installation.
Audit Metadata