openui-forge-python

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references several external Node.js packages (@openuidev/react-ui, @openuidev/react-headless, @openuidev/react-lang, lucide-react, zod) and a CLI tool (@openuidev/cli) via npx. These packages align with the skill's purpose and the author's identified vendor namespace.
  • [COMMAND_EXECUTION]: Instructions include shell commands for installing dependencies, generating system prompts via a CLI tool, and running a FastAPI backend server. These are standard development operations.
  • [SAFE]: The Python backend implementation follows best practices by using python-dotenv for loading environment variables and API keys, effectively avoiding hardcoded credentials.
  • [SAFE]: While the resulting application ingests user-supplied messages for processing by an LLM, the code does not expose any exploitable system capabilities or tools, maintaining a safe execution environment for the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 02:35 AM
Security Audit — agent-trust-hub — openui-forge-python