web-development
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves its stated purpose of providing engineering guidelines for web development using React, Vue, and Vite, as well as integration with CloudBase services. All instructions follow industry best practices for security and maintainability.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and sibling skills hosted on
cnb.cool(Tencent's Cloud Native Build platform). These resources are consistent with the vendor's (tencentcloudbase) infrastructure and do not represent a security risk. - [COMMAND_EXECUTION]: Instructions include standard development commands such as
npm run build,tsc --noEmit, andpnpm dev. These are routine operations within a web development environment and are used here for validation and building purposes. - [CREDENTIALS_UNSAFE]: The skill correctly advises users to store environment-specific values in
.envfiles rather than hardcoding them into UI files, following standard security practices for secret management.
Audit Metadata