web-artifacts-builder

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • COMMAND_EXECUTION (HIGH): The instructions require the execution of local shell scripts (scripts/init-artifact.sh and scripts/bundle-artifact.sh), which are not included in the file provided for auditing. These scripts run with the privileges of the agent and can execute arbitrary system commands.
  • EXTERNAL_DOWNLOADS (HIGH): The bundle-artifact.sh script is explicitly described as installing Node.js dependencies (parcel, @parcel/config-default, parcel-resolver-tspaths, html-inline) at runtime. This dynamic installation from external npm registries without integrity checks or version pinning for all packages creates a significant supply chain vulnerability.
  • REMOTE_CODE_EXECUTION (HIGH): Build toolchains like Vite and Parcel often execute lifecycle scripts during the installation and build phases. By dynamically installing and running these tools, the skill enables a pathway for remote code execution if the registry or any transitive dependency is compromised.
  • DATA_EXFILTRATION (MEDIUM): The bundling process involves 'inlining' all project assets into a single HTML file. Without script visibility, there is a risk that the bundler or scripts could access sensitive files in the environment and include them in the artifact, which is then shared with the user or an external endpoint.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 08:20 AM