lsp-setup

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs automated development environment configuration as described in its documentation. It utilizes subprocess.run exclusively for executing recognized development tools like npx and cclsp with validated, non-malicious arguments.\n- [SAFE]: File system operations are appropriately scoped to the project root. The skill reads directory structures for language detection and manages configuration files (.env, .claude/settings.json) using atomic operations and backups to prevent data loss or corruption.\n- [SAFE]: External code acquisition is restricted to downloading official Claude Code LSP plugins via the standard cclsp tool from well-known registries (npm). The skill explicitly avoids automatic installation of system-level binaries, providing only user-executable guidance for those components.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 05:16 PM
Security Audit — agent-trust-hub — lsp-setup