Building Blocks
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill directs the agent to ingest external data from a user-provided "test content URL" to define content models and implement block logic.
- Ingestion points: The process explicitly requires a "Test content URL" in Step 1 and Step 6 to inform development.
- Boundary markers: There are no instructions for the agent to use delimiters or "ignore embedded instructions" when processing the content from these external URLs.
- Capability inventory: The skill has file system write capabilities, including creating directories and generating
.jsand.cssfiles in theblocks/folder. - Sanitization: The instructions lack any requirement to sanitize or validate the data retrieved from the external URL before it influences code generation.
- External References (LOW): The skill contains links to external documentation (e.g., Adobe Franklin Sidekick and DA.live). While these are standard in AEM development, they are not within the explicitly defined trusted source list. However, since they are used for developer reference rather than automated execution, the risk is negligible.
Audit Metadata