intlayer-cms
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The documentation instructs users to run various CLI tools such as
npx intlayer login,npx intlayer config push, andnpx intlayer-editor startfor content synchronization and local development. - [EXTERNAL_DOWNLOADS]: The skill configures the application to fetch remote dictionaries from the Intlayer CMS infrastructure at
https://intlayer.orgto support dynamic content updates. - [REMOTE_CODE_EXECUTION]: The Live Sync feature involves a server that wraps the application's runtime process (e.g.,
next start) to stream and apply content updates directly to the running instance. - [COMMAND_EXECUTION]: The Visual Editor component can overwrite local source code files (JSON, JS, TS) when users save changes through the editor interface, utilizing a babel transformer to modify the codebase.
- [PROMPT_INJECTION]: The skill introduces a surface for indirect prompt injection by fetching and displaying untrusted remote content from a CMS.
- Ingestion points: Remote dictionaries fetched via the Live Sync API (concept_cms.md).
- Boundary markers: None specified in the documentation or configuration.
- Capability inventory: File system modification (concept_editor.md) and process wrapping (concept_cms.md).
- Sanitization: The documentation does not specify sanitization or validation of the fetched remote content.
Audit Metadata