authoring
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Employs standard shell utilities (ls, grep, sed, mkdir) to inspect the project structure and manage a local configuration file. This behavior is consistent with the skill's purpose as a documentation generator.
- [EXTERNAL_DOWNLOADS]: Performs network requests via curl to fetch site metadata from 'admin.hlx.page'. This is the authoritative API for the Adobe Edge Delivery Services platform and is a trusted vendor service.
- [CREDENTIALS_UNSAFE]: Manages an authentication token provided by the user or read from a local config file. The skill implements safety measures by automatically ensuring the configuration directory is added to the project's .gitignore file to prevent credential leakage.
- [PROMPT_INJECTION]: Static detections for concealment are false positives; the instructions to perform background analysis and cleanup temporary files are standard for automated document generation. Branding guidelines and tool usage restrictions are functional requirements rather than malicious overrides.
- [DATA_EXFILTRATION]: Uses curl to send an authentication token to a trusted vendor domain (hlx.page). This operation is necessary for functionality and does not involve sending sensitive data to unauthorized third parties.
Audit Metadata