openui-forge-python
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references several external Node.js packages (@openuidev/react-ui, @openuidev/react-headless, @openuidev/react-lang, lucide-react, zod) and a CLI tool (@openuidev/cli) via npx. These packages align with the skill's purpose and the author's identified vendor namespace.
- [COMMAND_EXECUTION]: Instructions include shell commands for installing dependencies, generating system prompts via a CLI tool, and running a FastAPI backend server. These are standard development operations.
- [SAFE]: The Python backend implementation follows best practices by using
python-dotenvfor loading environment variables and API keys, effectively avoiding hardcoded credentials. - [SAFE]: While the resulting application ingests user-supplied messages for processing by an LLM, the code does not expose any exploitable system capabilities or tools, maintaining a safe execution environment for the agent.
Audit Metadata