app-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes the Bash tool for standard software development tasks such as installing packages and initializing projects.
- [EXTERNAL_DOWNLOADS] (SAFE): External dependencies are fetched from trusted registries (npm, PyPI) as part of project setup.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection: The skill processes untrusted natural language user requests to coordinate agents and execute commands. 1. Ingestion points: Natural language project requests via the main orchestrator (SKILL.md). 2. Boundary markers: Absent; the logic lacks delimiters for user input. 3. Capability inventory: High, including Bash, Write, Edit, and Agent tools (SKILL.md). 4. Sanitization: Absent; no logic is provided to validate or escape user input before it is used in orchestration.
Audit Metadata