convert-web-app
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches reference code and examples from the official Model Context Protocol GitHub repository (https://github.com/modelcontextprotocol/ext-apps.git) to provide context for the agent and user.
- [COMMAND_EXECUTION]: The skill instructs the agent to use standard development commands, such as git clone for documentation and npm install for project dependencies (@modelcontextprotocol/ext-apps, @modelcontextprotocol/sdk, etc.).
- [PROMPT_INJECTION]: The instructions focus on technical implementation and architectural guidance for a specific protocol. No patterns for bypassing safety filters, overriding system instructions, or extracting system prompts were detected.
- [DATA_EXFILTRATION]: No hardcoded credentials, sensitive file access patterns (e.g., accessing .ssh or .env files), or unauthorized network exfiltration attempts were found. The skill correctly identifies that localStorage is not available in sandboxed environments, which is a security best practice.
- [INDIRECT_PROMPT_INJECTION]: The skill involves an attack surface where the agent analyzes existing web application code which could contain untrusted data.
  - Ingestion points: Step 1 requires the agent to analyze the user's existing web application files.
  - Boundary markers: No specific delimiters or warnings to ignore embedded instructions in the analyzed code are provided.
  - Capability inventory: The skill involves package installation (npm install), repository cloning (git clone), and build processes (vite build).
  - Sanitization: No explicit sanitization or validation of the analyzed application content is mentioned.
Audit Metadata