add-cdn-bundle
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill provides standard documentation-driven development instructions for internal repository modifications.
- [COMMAND_EXECUTION]: Verification steps involve executing standard repository scripts (
yarn lint,yarn build:dev,yarn test) to ensure code quality and build success. - [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided feature names to generate file paths and content. Ingestion points:
feature-comboargument. Boundary markers: Absent. Capability inventory: File creation and modification, shell command execution viayarn. Sanitization: None specified. This represents a potential surface for indirect injection, but is evaluated as safe given the developer-focused use case.
Audit Metadata