codebolt-agent-development

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The documentation describes APIs and modifiers for executing arbitrary shell commands through the terminal.
    • Evidence: Mentions of codebolt.terminal.executeCommand and ShellProcessorModifier in SKILL.md and references/processors.md.
  • [REMOTE_CODE_EXECUTION]: The skill includes code snippets demonstrating the use of eval() for dynamic data processing within custom tool implementations.
    • Evidence: Example implementation of a calculator tool using eval() in references/level2-base-components.md and references/processors.md.
  • [PROMPT_INJECTION]: The agent architecture described involves processing untrusted data, which creates an indirect prompt injection surface.
    • Ingestion points: codebolt.onMessage and codebolt.fs.readFile (SKILL.md, references/level1-direct-apis.md).
    • Capability inventory: Commands for terminal execution, browser control, and file modifications are available across the SDK.
    • Boundary markers: Documentation specifies that tool approval and workspace boundaries are managed at the application level rather than within the agent code.
    • Sanitization: Provided code examples show direct interpolation of retrieved data into prompts without explicit sanitization or filtering logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 04:44 PM