gatsby-ecommerce-netlify
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- External Downloads (LOW): The skill clones a repository from 'https://github.com/netlify-templates/gatsby-ecommerce-theme.git'. Although the source belongs to a reputable organization, it is not on the explicit trusted list provided in the security protocols.
- Command Execution (LOW): The skill executes 'npm install', 'npm run build', and 'netlify deploy'. These commands run code and deployment logic defined in the external repository. Severity is reduced because these actions are essential to the skill's primary purpose.
- Indirect Prompt Injection (LOW): The skill ingests untrusted code from a remote repository, which creates a surface for indirect prompt injection.
  1. Ingestion points: 'git clone' in 'SKILL.md'.
  2. Boundary markers: Absent.
  3. Capability inventory: 'npm install', 'npm run build', and 'netlify deploy' in 'SKILL.md'.
  4. Sanitization: Absent.
Audit Metadata