setup-leafygreen
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Executes standard development commands including
npm install,npm run dev,npm run build, and project scaffolding usingnpm create vite@latest. These commands are standard for initializing and managing a Vite-based project. - [EXTERNAL_DOWNLOADS]: Installs official MongoDB design system packages from the
@leafygreen-uiscope on npm. It also fetches font assets from a CloudFront CDN (d2va9gm4j17fy9.cloudfront.net), which is a common practice for web assets. - [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were detected. The skill interacts only with project-specific files such as
package.json,vite.config.ts, and source files in thesrc/directory to apply configuration changes.
Audit Metadata