page-best-practice
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for automated frontend code generation and follows strict organizational patterns. It does not perform unauthorized network requests, access sensitive system files, or execute remote code.
- [PROMPT_INJECTION]: The skill accepts user-defined page names and descriptions to generate scaffolding. This represents a potential surface for indirect prompt injection if descriptions are sourced from untrusted parties. However, in its intended use case as a developer tool, this risk is minimal.
  - Ingestion points: User input for `pageName` and `description` via the defined schema.
  - Boundary markers: None explicitly implemented to isolate the description from the core generation logic.
  - Capability inventory: Capability to write new files to the `apps/web/src/pages` directory and read existing files in that same scope for analysis.
  - Sanitization: Input is validated using `references/schema.ts` (Zod), ensuring `pageName` adheres to PascalCase and basic string constraints.
Audit Metadata