setup
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: Executes shell commands to scaffold projects and start development environments, specifically using
npx @subframe/cli@latest initandnpm run dev. - [EXTERNAL_DOWNLOADS]: Downloads the Subframe CLI package from the public npm registry and references Google Fonts for typography configuration.
- [CREDENTIALS_UNSAFE]: Manages project-specific authentication tokens and IDs provided by the user or fetched through Subframe's MCP tools to authorize CLI operations.
- [SAFE]: All operations, including package downloads and network references, target well-known services (npm, Google Fonts) and are aligned with the skill's stated purpose of project setup.
Audit Metadata