builder
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to generate and execute code based on user-provided descriptions ('what to build'). This creates a natural surface for indirect prompt injection where the agent processes untrusted user input to perform actions. However, this is inherent to the skill's purpose as a builder tool, and no adversarial instructions are present in the skill itself.
- [EXTERNAL_DOWNLOADS]: The skill mentions and provides examples for using established services and libraries such as GitHub Pages, Netlify, Vercel, and the
python-pptxlibrary. These references are standard for the skill's stated goal of building and deploying software artifacts. - [COMMAND_EXECUTION]: The instructions include examples of using shell commands for deployment and project management, such as
npx gh-pages,netlify deploy, andgit worktree. These are standard development operations used to fulfill the primary purpose of the skill.
Audit Metadata