convert-farcaster-miniapp-to-app
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as
npm install,npx tsc --noEmit, andnpm run buildto manage project dependencies and verify the migration. These are standard operations for development tools but involve the execution of scripts defined in the user's project configuration.\n- [PROMPT_INJECTION]: The skill's core functionality requires reading and analyzing local source files and environment variables, which presents an attack surface for indirect prompt injection. Instructions maliciously embedded in the project files could attempt to influence the agent's actions.\n - Ingestion points: Project source code,
package.json, and.envfiles processed in Phase 0 and Phase 1.\n - Boundary markers: None specified for the analysis of file content.\n
- Capability inventory: Extensive file modification and shell command execution capabilities.\n
- Sanitization: The agent reads and processes file content directly through grep and file read operations without predefined sanitization layers.
Audit Metadata