web-artifacts-builder
Warn
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The `scripts/init-artifact.sh` script splices the `PROJECT_NAME` argument into a `sed` expression without escaping it. Because the expansion is double-quoted (`'...'"$PROJECT_NAME"'...'`), the value cannot break out of the shell's own quoting, so a single quote in the name is harmless at the shell level; the injection is into the sed script itself. A `/` in the name terminates the replacement early, `&` re-inserts the matched text, `\` starts an escape sequence, and a newline ends the `s` command, so a crafted name can corrupt the generated title or append further sed commands. With GNU sed, whose `s` command accepts an `e` flag that executes the pattern space as a shell command, that sed-level injection can become command execution; whether the script runs under GNU or BSD sed depends on the host.
  - Evidence: Line 66 in `scripts/init-artifact.sh` uses `$SED_INPLACE 's/<title>.*<\/title>/<title>'"$PROJECT_NAME"'<\/title>/' index.html`, which misbehaves whenever the project name contains `/`, `&`, `\` or a newline.
- [COMMAND_EXECUTION]: The `scripts/init-artifact.sh` script runs `npm install -g pnpm`, which installs a package into the global npm prefix and alters the host environment without explicit user confirmation. The version is not pinned, so what gets installed depends on the registry state at run time.
  - Evidence: Line 43 in `scripts/init-artifact.sh`.
- [EXTERNAL_DOWNLOADS]: The skill's scripts download and install numerous packages from the npm registry (npmjs.org). While these are standard development libraries (Vite, Tailwind CSS, Radix UI, Parcel), they constitute a significant external dependency surface, since each install also pulls in the packages' transitive dependencies.
  - Evidence: Multiple `pnpm install` and `pnpm add` commands throughout the initialization and bundling scripts.
- [COMMAND_EXECUTION]: The `scripts/init-artifact.sh` script uses `node -e` to execute inline JavaScript that modifies project configuration files.
  - Evidence: Lines 183 and 195 in `scripts/init-artifact.sh`.
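The sed finding above, as an added example that is not part of the audit or of the web-artifacts-builder scripts: the pattern quoted in the evidence line is placed beside a version that escapes the value before splicing it into the sed replacement. It operates on a constructed one-line stand-in for `index.html` over stdin/stdout rather than the script's `$SED_INPLACE` in-place edit, the escape set assumes `/` as the `s` delimiter as in the quoted command, and `set_title_unescaped`, `set_title_escaped`, `sed_escape_replacement` and `SAMPLE_HTML` are names chosen here.

```shell
#!/bin/sh
# Added example, not code from the web-artifacts-builder scripts or the audit.

# Constructed stand-in for index.html (one line, so each result is one line).
SAMPLE_HTML='<html><head><title>placeholder</title></head><body></body></html>'
NL='
'

# Same shape as the finding's evidence line: the double-quoted expansion keeps
# the shell safe, but the value lands unescaped inside the sed script.
set_title_unescaped() {
  printf '%s\n' "$SAMPLE_HTML" \
    | sed 's/<title>.*<\/title>/<title>'"$1"'<\/title>/'
}

# Escape a value for use as a sed replacement with "/" as the delimiter:
# backslash, ampersand and slash are each prefixed with a backslash.
# A newline would terminate the s command, so it is rejected, not escaped.
sed_escape_replacement() {
  case "$1" in
    *"$NL"*) return 1 ;;
  esac
  printf '%s' "$1" | sed 's/[\\&/]/\\&/g'
}

# Hardened form: escape first, then splice. Fails closed on a rejected name.
set_title_escaped() {
  esc=$(sed_escape_replacement "$1") || return 1
  printf '%s\n' "$SAMPLE_HTML" \
    | sed 's/<title>.*<\/title>/<title>'"$esc"'<\/title>/'
}

# Stand-alone demonstration: "&" corrupts the title, "/" breaks the expression.
demo() {
  name='My App & Co'
  printf 'unescaped: %s\n' "$(set_title_unescaped "$name")"
  printf 'escaped:   %s\n' "$(set_title_escaped "$name")"
  set_title_unescaped 'a/b' 2>/dev/null \
    || echo 'unescaped "a/b": sed rejected the expression'
  printf 'escaped a/b: %s\n' "$(set_title_escaped 'a/b')"
}
demo
```

Escaping keeps the script's behaviour for arbitrary names; an allowlist check on `PROJECT_NAME` (letters, digits, space, `.`, `_`, `-`) before the sed call is the simpler alternative when odd characters are not a requirement.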
Audit Metadata