cpq-builder
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted input from a DOMAIN.md file to drive application logic and UI generation, which constitutes an indirect prompt injection surface.
  - Ingestion points: The Builder Agent reads DOMAIN.md to extract product entities, attributes, and business rules.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified for the data ingestion process.
  - Capability inventory: The skill directs the agent to generate and modify TypeScript (TSX) and JSON configuration files.
  - Sanitization: No input validation or sanitization logic is defined for the content of the DOMAIN.md file.
- [COMMAND_EXECUTION]: The skill provides logic and templates for the agent to dynamically generate source code and modify application layout files based on the processed domain data.
- [EXTERNAL_DOWNLOADS]: The skill configuration involves fetching company branding assets and logos from the well-known Brandfetch service.
Audit Metadata