astro
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill contains standard educational content for the Astro framework, demonstrating legitimate project initialization and routing patterns.
- [EXTERNAL_DOWNLOADS]: Uses standard tooling such as
npm create astro@latestto initialize projects, which fetches resources from official registries. - [PROMPT_INJECTION]: Identifies attack surfaces for indirect prompt injection when processing untrusted data through content collections or SSR requests. The skill proactively recommends sanitizing user-supplied content before rendering with
set:html. Ingestion points includesrc/content/andAstro.request. Boundary markers include YAML frontmatter delimiters. Capability inventory includes file system access and network operations. Sanitization is explicitly addressed in the security notes.
Audit Metadata