Skills
skills/redpanda-data/ui-harness/frontend-starter-kit/Gen Agent Trust Hub

frontend-starter-kit

Warn

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill retrieves a large number of components from remote sources.
  • It installs workflow skills from the author's repositories under redpanda-data/ui-harness.
  • It includes instructions to fetch community skills from the mattpocock/skills repository, which is an external third-party source.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the automatic installation of executable logic.
  • It utilizes bunx skills@latest add ... -y to install agent skills that utilize lifecycle hooks such as PreToolUse, PostToolUse, and Stop.
  • The use of the -y flag allows for the installation and activation of these hooks without manual intervention or review of the downloaded content.
  • [COMMAND_EXECUTION]: The skill relies on shell commands to bootstrap the project and toolchain.
  • It executes bunx to run the skills CLI for component management.
  • It directs the agent to modify environment configuration files and set session variables.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 12, 2026, 08:49 AM