Skills
skills/haibaraaiaptx/frontend-openapi-skills/adapt-materal-enums/Gen Agent Trust Hub

adapt-materal-enums

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to manage dependencies and process data.
  • Evidence: Use of pnpm exec, npx, and cleanup commands such as rm -f or Remove-Item for temporary file management.
  • [EXTERNAL_DOWNLOADS]: The workflow requires downloading a third-party package from the npm registry.
  • Evidence: Installation and execution of @aptx/frontend-tk-cli, which is the author's specified tool.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection because it processes untrusted content from a remote API.
  • Ingestion points: Data fetched from the user-provided <base-url> into ./tmp/enum-patch.json and then read by the agent.
  • Boundary markers: None present; the instructions do not include delimiters or warnings to ignore instructions embedded in the API data.
  • Capability inventory: The skill utilizes subprocess execution via the aptx-ft CLI and file system modification (read/write/delete).
  • Sanitization: There is no evidence of sanitization for the comment or value fields before they are passed to the LLM for processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 04:31 PM