dev-server-sandbox
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of
make dev-serverwith various environment variable overrides. - [COMMAND_EXECUTION]: It allows users to specify an alternative
MAKEbinary (e.g.,gmake), which is a standard feature for cross-platform development tools. - [CREDENTIALS_UNSAFE]: The documentation explicitly mentions that
providers.jsoncmay contain API keys and notes that it intentionally avoids copyingsecrets.jsonto improve security posture during sandboxing. - [DATA_EXFILTRATION]: While it copies configuration files to temporary directories, no network exfiltration patterns or suspicious external destinations were detected.
- [PROMPT_INJECTION]: The instructions are descriptive and do not contain any patterns attempting to override agent safety guidelines or system prompts.
Audit Metadata