develop-and-deploy-web-app

The skill bundle provides a comprehensive framework for scaffolding, deploying, and managing background Node.js applications ('LiteApps'). While the behavior is aligned with its stated purpose, it utilizes several high-risk capabilities, including spawning detached background processes (start-app.js), opening a range of network ports (33333-39999) for a shared HTTP proxy (shared-host.js), and executing 'npm install' which fetches and runs remote code (install-app.js). Although the scripts implement security controls like strict regex validation for user inputs in common.js to prevent path traversal, the ability for an AI agent to maintain persistent background services and modify platform-wide registries (web-app-registry.json) warrants a suspicious classification due to the inherent risk of these operations.