frontend-docs
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to read local project files and generate Markdown documentation based on provided templates. It follows a structured discovery workflow to inventory frontend entry points, routes, and components.
- [COMMAND_EXECUTION]: The skill uses two local Node.js utility scripts,
scripts/check-contrast.mjsandscripts/detect-token-drift.mjs, to perform read-only analysis of colors and design tokens. These scripts are self-contained and do not perform network operations or sensitive file access. - [DATA_EXFILTRATION]: No network operations or data exfiltration patterns were identified. All analysis and documentation generation occur within the local environment.
- [PROMPT_INJECTION]: While the skill ingests untrusted data by reading project source code (an Indirect Prompt Injection surface), its instructions focus on objective evidence collection and documentation. No override patterns or safety bypass attempts were found.
- [SAFE]: No obfuscation, multi-layer encoding, or hidden content was found in the skill's instructions or scripts.
Audit Metadata