datahub-mfe-configure-app
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local scripts
scripts/dev/datahub-dev.shandrun-local-frontend(located indatahub-frontend/run/) to rebuild and restart the DataHub frontend after configuration updates. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface where untrusted data is processed. 1. Ingestion points: User-provided configuration values enter via the
AskQuestiontool inSKILL.md. 2. Boundary markers: Delimiters or 'ignore embedded instructions' warnings are absent when interpolating input into configuration files. 3. Capability inventory: The skill performs file-write operations on configuration YAMLs and executes shell scripts acrossSKILL.md. 4. Sanitization: No escaping or validation of external content is performed before interpolation.
Audit Metadata