Security risk report for @forgecat/anthropics_skills_web-artifacts-builder v0.0.3
Source Integrity
Low
Profile is attributed to Anthropic with a public GitHub repository (anthropics/skills) and specific commit hash (5128e18), enabling verification.
No typosquatted, obfuscated, or attacker-controlled package names or dependencies are referenced.
Agent Intent
Low
Content describes legitimate frontend development workflows (React, Vite, Tailwind CSS, shadcn/ui) with no hidden instructions to manipulate the AI or exfiltrate data.
Scripts referenced (init-artifact.sh, bundle-artifact.sh) are presented as normal development tools, not as payloads to execute arbitrary code or read credentials.
Design guidance (avoiding 'AI slop') is educational advice, not a directive to weaken security or install backdoors.
Details
Evidence
"Suite of tools for creating elaborate, multi-component claude.ai HTML artifacts using modern frontend web technologies"
"bash scripts/init-artifact.sh <project-name>" and "bash scripts/bundle-artifact.sh" — standard build automation, no exfiltration or credential-reading instructions
"To avoid what is often referred to as 'AI slop', avoid using excessive centered layouts, purple gradients, uniform rounded corners, and Inter font" — stylistic guidance only
Permissions
Low
No tools or skills are declared in the profile; it is purely instructional documentation for a frontend artifact-building workflow.
The referenced shell scripts (init-artifact.sh, bundle-artifact.sh) are presented as user-initiated development steps, not as autonomous agent permissions.
Details
Evidence
"Declared tools (normalized categories; paths are untrusted) — (none declared)"
Scripts are invoked manually by the developer as part of a documented workflow, not granted as persistent agent capabilities.
MCP Risk
Low
No MCP servers are defined in the profile.
No hidden instructions, arbitrary binary execution, or unrestricted network/filesystem access are present.