canvas-table-integration
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows standard development workflows for integrating a UI component library.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install
@qfei-design/canvas-tableusing standard package managers (npm, yarn, pnpm). These are recognized as legitimate vendor-owned resources matching the author's namespace ('qfei-design' is a variant of 'qfeius'). - [COMMAND_EXECUTION]: Command execution is limited to standard package manager installation commands (
npm install,pnpm add,yarn add) and is only triggered after verifying the project environment (e.g., checking forpackage.json). - [DATA_EXPOSURE]: File access is restricted to reading local project files (
package.json, lockfiles) and the documentation inside the installed library's directory (node_modules/@qfei-design/canvas-table/...). This is expected behavior for a developer-oriented integration skill.
Audit Metadata