artifacts-builder
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to run two local bash scripts, 'scripts/init-artifact.sh' and 'scripts/bundle-artifact.sh', which are part of the skill package. They initialize the project environment and compile the artifacts.
- [EXTERNAL_DOWNLOADS]: The bundling script installs several Node.js packages from the NPM registry, including 'parcel', '@parcel/config-default', 'parcel-resolver-tspaths', and 'html-inline'.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest user requirements and transform them into executable React and HTML code.
  1. Ingestion points: User requests for the creation of elaborate multi-component artifacts.
  2. Boundary markers: The skill does not define explicit delimiters or instructions to prevent the agent from obeying malicious commands embedded within the user's design requirements.
  3. Capability inventory: The skill uses shell script execution and file writing to generate and build the requested content.
  4. Sanitization: There is no documentation of input validation or content filtering before user data is interpolated into the artifact generation logic.