Skills
skills/arcblock/agent-skills/blocklet-converter/Gen Agent Trust Hub

blocklet-converter

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill executes bun install and bun run build as part of its conversion workflow. This triggers the execution of scripts defined in the project's package.json. If a user provides a project with a malicious postinstall or build script, the agent will execute it.
  • EXTERNAL_DOWNLOADS (LOW): The bun install command downloads external packages from public registries. This is a standard operation for web development but represents an ingestion of external, unverified code.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill has a clear data ingestion surface where it reads and processes external project files (package.json, index.html) to extract metadata like 'title' and 'description'.
  • Ingestion points: Project metadata is extracted from package.json in the local directory.
  • Boundary markers: None are specified for the extraction of the title or description fields.
  • Capability inventory: The skill can execute subprocesses (bun, blocklet CLI) and write files.
  • Sanitization: The skill contains instructions to 'rewrite' technical descriptions to be user-friendly, which involves the LLM processing potentially untrusted text from the project files.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:47 PM