{"name":"@tank/frontend-craft","version":"1.3.0","description":"Frontend craft for polished, distinctive apps. Micro-interactions, perceived performance, premium components, visual polish, design foundations (typography, OKLCH color, spatial design), responsive, interaction patterns, UX writing, AI slop detection, shadcn registry search (11K+ components). Triggers: animation, skeleton, framer motion, shadcn, aceternity, UI polish, premium feel, typography, OKLCH, dark mode, responsive, interaction design, UX writing, AI slop, design looks generic.","integrity":"sha512-EHh2069Jktbw10y4C5c2VCZvqF2TjCrPOtfeuXsVodIx12QLTlS0e4pVoAW+5NApdpFgO9VIuZCvG9UVALF4cQ==","permissions":{"network":{"outbound":["ui.shadcn.com","shadcn.com"]},"filesystem":{"read":["**/*"],"write":["scripts/.cache/**"]},"subprocess":true},"auditScore":null,"auditStatus":"completed","downloadUrl":"https://lcsbcruorskqflcwlvgj.supabase.co/storage/v1/object/sign/packages/skills/2257f39e-776a-4912-8f3f-0a02c87c8997/1.3.0.tgz?token=eyJraWQiOiJzdG9yYWdlLXVybC1zaWduaW5nLWtleV8wMjNiODBkNC05MzFhLTRmODctOTA1Ni03YmMwMjczNDFiMTUiLCJhbGciOiJIUzI1NiJ9.eyJ1cmwiOiJwYWNrYWdlcy9za2lsbHMvMjI1N2YzOWUtNzc2YS00OTEyLThmM2YtMGEwMmM4N2M4OTk3LzEuMy4wLnRneiIsImlhdCI6MTc3NTkwODA5MSwiZXhwIjoxNzc1OTExNjkxfQ.WH8b2vUi4G7svTJgOveGAbPwwNbFRUG1BVRvRsHgG34","publishedAt":"2026-04-05 19:15:38.49389+00","downloads":6,"scanVerdict":"fail","scanFindings":[{"stage":"stage4","severity":"critical","type":"secret_Basic Auth Credentials","description":"Secret detected: Basic Auth Credentials","location":"scripts/pull-all-registries.py:10"},{"stage":"stage4","severity":"critical","type":"secret_Basic Auth Credentials","description":"Secret detected: Basic Auth Credentials","location":"scripts/pull-all-registries.py:631"},{"stage":"stage4","severity":"critical","type":"secret_Basic Auth Credentials","description":"Secret detected: Basic Auth Credentials","location":"scripts/pull-all-registries.py:640"},{"stage":"stage4","severity":"critical","type":"secret_Hex High Entropy String","description":"Secret detected: Hex High Entropy String","location":".pytest_cache/CACHEDIR.TAG:1"},{"stage":"stage2","severity":"medium","type":"bandit_B310","description":"Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.","location":"/tmp/tank_scan_k7ycgl6h/scripts/pull-all-registries.py:143"},{"stage":"stage1","severity":"medium","type":"nfkc_mismatch","description":"Content changes under NFKC normalization: '…' -> '.'","location":"references/responsive-interaction.md:345"},{"stage":"stage2","severity":"low","type":"bandit_B404","description":"Consider possible security implications associated with the subprocess module.","location":"/tmp/tank_scan_k7ycgl6h/scripts/pull-all-registries.py:18"},{"stage":"stage2","severity":"low","type":"bandit_B603","description":"subprocess call - check for execution of untrusted input.","location":"/tmp/tank_scan_k7ycgl6h/scripts/pull-all-registries.py:181"},{"stage":"stage2","severity":"low","type":"bandit_B404","description":"Consider possible security implications associated with the subprocess module.","location":"/tmp/tank_scan_k7ycgl6h/scripts/search-components.py:21"},{"stage":"stage2","severity":"low","type":"bandit_B603","description":"subprocess call - check for execution of untrusted input.","location":"/tmp/tank_scan_k7ycgl6h/scripts/search-components.py:78"},{"stage":"stage2","severity":"low","type":"bandit_B603","description":"subprocess call - check for execution of untrusted input.","location":"/tmp/tank_scan_k7ycgl6h/scripts/search-components.py:189"},{"stage":"stage1","severity":"low","type":"hidden_file","description":"Hidden dotfile detected: .DS_Store","location":"scripts/.DS_Store"},{"stage":"stage2","severity":"info","type":"shell_injection","description":"Shell command execution - potential injection risk: subprocess.run()","location":"scripts/search-components.py:78"},{"stage":"stage2","severity":"info","type":"shell_injection","description":"Shell command execution - potential injection risk: subprocess.run()","location":"scripts/search-components.py:189"},{"stage":"stage2","severity":"info","type":"shell_injection","description":"Shell command execution - potential injection risk: subprocess.run()","location":"scripts/pull-all-registries.py:181"}],"dependencies":{}}