build-giselle-agent

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of official libraries from the vendor (@giselles-ai) and well-known organizations (Vercel's 'ai' and '@ai-sdk/react'), which are recognized as trusted sources.
  • [COMMAND_EXECUTION]: Instructions provided for the developer include standard package management commands (pnpm add) and development server startup (pnpm dev) as part of the intended scaffolding workflow.
  • [DATA_EXPOSURE]: The skill guides the developer through the secure setup of an API key via a .env.local file, which is a standard and recommended practice for managing environment variables in Next.js projects.
  • [SAFE]: Analysis of the skill instructions and reference materials found no evidence of prompt injection attempts, malicious data exfiltration patterns, or persistence mechanisms.
  • [INDIRECT_PROMPT_INJECTION]: The architecture includes an agent that reads from the browser DOM via a snapshot tool (ingestion point: getFormSnapshot). While the templates do not define explicit boundary markers for the DOM data, the agent's capabilities are limited to UI interactions (capability inventory: executeFormActions), and it operates inside a sandbox and within the user's own browser session, consistent with the designed purpose of the SDK.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 08:23 AM