Artifacts Builder

The skill's `SKILL.md` instructions appear benign and align with the stated purpose of building frontend artifacts, with no evidence of prompt injection attempts. However, the agent is instructed to execute local shell scripts (`scripts/init-artifact.sh`, `scripts/bundle-artifact.sh`) whose content is not provided for review. This constitutes a risky capability (arbitrary code execution via shell scripts) where the specific implementation details are opaque, preventing a full security assessment and introducing an unverified attack surface.