tw-edu-mini-app

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script (scripts/generate_mini_app.py) to automate the generation of educational web applications. This is a core part of its intended functionality.
  • [EXTERNAL_DOWNLOADS]: The documentation and skill instructions reference the installation and use of the Vercel CLI (npm i -g vercel) and Vercel MCP. These are well-known, trusted services used for web deployment.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect injection as it ingests user-provided content (quiz questions, titles) and uses it to generate executable web code.
      • Ingestion points: User input collected via questions Q1-Q5 in SKILL.md for application content and metadata.
      • Boundary markers: Absent; the instructions do not specify delimiters to isolate user-provided content within the generation prompt.
      • Capability inventory: The skill uses Bash, Write, and Read tools, and executes a local Python script to write files to the system.
      • Sanitization: The generation script (scripts/generate_mini_app.py) correctly uses json.dumps() to escape the main question data, though metadata fields (title, subject) are inserted into HTML templates without explicit escaping.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 4, 2026, 12:34 AM