web-artifacts-builder

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Executes bash scripts (init-artifact.sh and bundle-artifact.sh) to manage the project lifecycle, including file system operations and tool invocation.
  • [COMMAND_EXECUTION]: Uses node -e to programmatically modify local configuration files such as tsconfig.json during the initialization phase.
  • [COMMAND_EXECUTION]: Installs the pnpm package manager globally on the system if it is not already present, which involves modifying the global environment.
  • [EXTERNAL_DOWNLOADS]: Fetches and installs numerous standard frontend development packages from the official NPM registry to satisfy project dependencies.
  • [INDIRECT_PROMPT_INJECTION]: As a tool that generates and builds code based on agent instructions (which may be influenced by user input), it presents a surface for indirect injection; however, it follows standard build patterns and does not exhibit malicious behavior.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 26, 2026, 04:43 PM