web-artifacts-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes multiple shell scripts (
init-artifact.shandbundle-artifact.sh) to configure the project, install dependencies, and build the final artifact. These scripts interact with the file system and external CLI tools. - [EXTERNAL_DOWNLOADS] (LOW): Numerous standard Node.js packages are downloaded from the NPM registry, including a global installation of
pnpm. This is expected for the skill's purpose but involves a large dependency tree. - [INDIRECT_PROMPT_INJECTION] (LOW): The
init-artifact.shscript interpolates the user-supplied project name directly into shell commands and file contents. A lack of sanitization could lead to broken configurations or malformed HTML files if a malicious or malformed name is provided. - Ingestion points: The
<project-name>argument inscripts/init-artifact.sh. - Boundary markers: No explicit delimiters are used to protect the project name during interpolation.
- Capability inventory: Shell command execution (via
pnpm,npm,sed), file read/write access, and network connectivity for dependency management. - Sanitization: No input validation or escaping is performed on the project name argument.
Audit Metadata