storybook
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documents best practices for Storybook, a well-known industry tool. All code examples and recommended workflows align with official documentation and standard security practices.\n- [SAFE]: External references and dependencies (e.g., @storybook/*, msw, vitest, chromatic) are sourced from reputable organizations or well-known services within the frontend ecosystem.\n- [SAFE]: Guidance for CI/CD integrations (GitHub Actions) correctly utilizes secrets for sensitive tokens (e.g., CHROMATIC_PROJECT_TOKEN), preventing credential exposure.\n- [SAFE]: Recommended commands like npx storybook add and npx playwright install are standard lifecycle commands for the respective well-known technologies.\n- [SAFE]: The skill identifies the processing of story arguments as a potential surface for indirect prompt injection; however, it addresses this through legitimate documentation and testing practices within the isolated Storybook workshop environment.
Audit Metadata