Security audit of alchaincyf/huashu-design · Claude Skill by alchaincyf · ★ 20.7k
Yes — huashu-design passed AgentSkillsHub's rule-based security scan with no dangerous patterns detected. As with any third-party skill, confirm what credentials it requests before production use.
What it is: Huashu Design · HTML-native design skill for Claude Code · Claude Code 里 HTML 原生的设计 skill · 高保真原型 / 幻灯片 / 动画 + 20 设计哲学 + 5 维评审 + MP4 导出 · Agent-agnostic
No dangerous patterns were detected: no credential exfiltration, no obfuscated downloads, no sandbox-escape attempts, no prompt-injection markers.
| Security grade | ✓ SAFE |
| Quality score | 61/100 |
| GitHub stars | 20.7k |
| Language | HTML |
| License | MIT |
| Last updated |
This is AgentSkillsHub's free basic audit: an automated rule-based scan covering SlowMist's 11 red-flag categories (credential exfiltration, obfuscated payloads, sandbox escape, prompt injection, and more) across 117,000+ open-source AI agent skills and MCP servers, refreshed every 8 hours. A SAFE grade is a scan result, not a guarantee — deep 5-dimension audits (code · credentials · vendor · supply-chain · operational) are available for enterprise. Audited: 2026-07-03.