oneshot-website

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is a code generator for producing immersive single-file websites using HTML, CSS, and vanilla JavaScript. It operates without external dependencies or network access for core functionality.
  • [COMMAND_EXECUTION]: In oneshot-website.md, the skill instructs the agent to execute the open command to provide a local preview of the generated index.html file, which is a standard developer workflow.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
      • Ingestion point: The $ARGUMENTS variable in oneshot-website.md accepts untrusted user input for themes.
      • Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded commands within the theme input.
      • Capability inventory: The agent has the ability to write to the local file system (index.html) and execute shell commands (open).
      • Sanitization: No input validation or sanitization is performed on the user-provided theme before it is interpolated into the generation instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 01:29 AM