build
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill executes a local JavaScript file
scripts/build.mjsvianode. This provides a direct command execution capability within the agent's runtime environment.\n- [PROMPT_INJECTION] (HIGH): The skill is susceptible to Indirect Prompt Injection (Category 8) due to its processing of untrusted project data.\n - Ingestion points: Site source files located in
src/,_partials/, and the configuration filesite.config.json(referenced in SKILL.md).\n - Boundary markers: Absent. The skill instructions do not specify any delimiters or instructions to ignore embedded commands within the project source files.\n
- Capability inventory: The skill possesses file-write capabilities (refreshing the
dist/directory) and script execution capabilities (nodecommand).\n - Sanitization: Absent. The skill instructions assume the content extracted from
<!-- meta -->blocks and source files is safe to process and inject into the final build artifacts without validation.
Recommendations
- AI detected serious security threats
Audit Metadata