grapesjs-studio-sdk

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation provides examples that fetch established web libraries, such as TinyMCE, Swiper, lightGallery, and FsLightbox, from the jsDelivr CDN to provide client-side editor functionality.
  • [PROMPT_INJECTION]: The skill describes an architecture for an AI chat assistant that creates a surface for indirect prompt injection through user input processed by the agent.
    • Ingestion points: User messages entered into the aiChatPanel interface, as documented in rules/plugins/ai/ai-chat.md.
    • Boundary markers: None explicitly defined in the provided snippets; boundaries are expected to be managed by the AI backend implementation.
    • Capability inventory: The assistant can execute commands to create or edit component code, add pages to the project, and run arbitrary editor commands (identified in rules/plugins/ai/ai-chat.md).
    • Sanitization: Sanitization of user input is not explicitly implemented in the documentation examples, as it is a responsibility of the application's backend logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 01:39 PM