joyco-lab
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various CLI tools (joyco, npm, vercel) to perform project scaffolding, dependency installation, and production deployment. These actions are directly aligned with the skill's primary function.
- [EXTERNAL_DOWNLOADS]: The skill manages the installation of external Node.js packages via npm install. The specific packages are identified by the agent based on the contents of the code being processed.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it analyzes user-provided code to derive project metadata and dependency lists. While this poses a theoretical risk of installing malicious packages if the input code is adversarial, it is an inherent aspect of the tool's functionality.
- Ingestion points: User-provided code snippets analyzed in Step 1 and Step 5 of the workflow.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded commands within the processed code.
- Capability inventory: File system access, package installation (npm install), command execution (npm run dev), and production deployment (vercel --prod).
- Sanitization: No sanitization or validation of package names or extracted metadata is performed before use in subsequent commands.