frontend-lighthouse

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill configures commands to build the application and run Lighthouse CI (e.g., pnpm build, pnpm lhci). The lighthouserc.cjs file uses a startServerCommand to launch the local production server for auditing. These are standard operations for CI/CD performance gating.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install @lhci/cli as a development dependency. This is a well-known, official utility from the Chrome Lighthouse team used for performance assertions in CI environments.
  • [SAFE]: The GitHub Actions workflow uses official and trusted actions (actions/checkout, actions/setup-node, actions/upload-artifact, pnpm/action-setup). All network operations are directed to the local development server (localhost) for auditing purposes, with no evidence of data exfiltration or sensitive information exposure.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 06:21 AM
Security Audit — agent-trust-hub — frontend-lighthouse