joyco-lab
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes several command-line tools to facilitate the development and deployment process.
  - It utilizes `joyco create` and `joyco lab`, which are specialized tools provided by the vendor joyco-studio for experiment management.
  - It runs `vercel --prod` to deploy the isolated experiments to the Vercel hosting platform.
  - It executes `npm run dev` to start a local development server for the ported experiment code.
- [EXTERNAL_DOWNLOADS]: The skill performs dynamic package installation using `npm install`.
  - The packages to be installed are determined by parsing imports from user-provided code, which creates a risk of dependency confusion or typosquatting if the user's source code contains malicious imports.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted user data to drive its automation.
  - Ingestion points: The agent reads and interprets user-provided code blocks to extract functional descriptions, identify required templates, and list dependencies.
  - Boundary markers: The skill does not implement delimiters or instructions to ignore commands that may be embedded within the user's code.
  - Capability inventory: The skill possesses broad capabilities, including the ability to execute shell commands, install software, and deploy to external web services.
  - Sanitization: There is no evidence of validation or sanitization of the content extracted from the user code before it is passed to CLI tools or used to generate registry entries.
Audit Metadata