frontend-lighthouse
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill configures commands to build the application and run Lighthouse CI (e.g.,
pnpm build,pnpm lhci). Thelighthouserc.cjsfile uses astartServerCommandto launch the local production server for auditing. These are standard operations for CI/CD performance gating. - [EXTERNAL_DOWNLOADS]: The skill instructs the user to install
@lhci/clias a development dependency. This is a well-known, official utility from the Chrome Lighthouse team used for performance assertions in CI environments. - [SAFE]: The GitHub Actions workflow uses official and trusted actions (actions/checkout, actions/setup-node, actions/upload-artifact, pnpm/action-setup). All network operations are directed to the local development server (localhost) for auditing purposes, with no evidence of data exfiltration or sensitive information exposure.
Audit Metadata