dreamboard
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the 'dreamboard' CLI tool from the public NPM registry. This is an official vendor resource for the Dreamboard.games platform and is required for the skill's primary functionality.
- [COMMAND_EXECUTION]: The instructions utilize the 'dreamboard' CLI to perform development tasks such as project initialization (
new), synchronization (update), and testing (run,test). These are routine developer operations. - [DATA_EXFILTRATION]: The skill provides a local JavaScript utility,
scripts/events-extract.mjs, designed to parse NDJSON logs generated during game sessions. While the script allows reading files via CLI arguments, its functionality is limited to parsing JSON-formatted content, and it does not perform any network operations itself. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and processes user-provided game rules and manifest files to generate game logic and UI components.
- Ingestion points: Untrusted user-authored content enters the workflow via
rule.mdandmanifest.jsonas described in SKILL.md and building-your-first-game.md. - Boundary markers: Absent. There are no explicit instructions to the agent to treat the content of these files as untrusted or to use specific delimiters.
- Capability inventory: The agent is empowered to write files to the local filesystem, execute shell commands via the CLI, and push code to the remote platform via
dreamboard push(as seen in manifest-authoring.md and phase-handlers.md). - Sanitization: Absent. The skill does not provide mechanisms to sanitize or validate the natural language rules before they are used to influence code generation.
Audit Metadata