preview-import
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface detected. The skill reads 'dirPath' from 'metadata.json' and interpolates it into the 'aem up' shell command. * Ingestion points: metadata.json (paths.dirPath). * Boundary markers: Absent. * Capability inventory: Shell command execution via 'aem' CLI. * Sanitization: Absent. An attacker providing a malicious metadata.json could attempt command injection.
- [COMMAND_EXECUTION] (SAFE): The skill uses the 'aem' CLI tool to start a local development server. This is the intended primary purpose of the skill.
Audit Metadata