scaffold
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill uses npx skills add to download and install external code packages. While this is the primary intended function of a scaffolding tool, the 'skills' package and its associated registry are not part of the pre-approved trusted organization list.
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to execute shell commands (mkdir, touch, npx). The npx command specifically executes dynamic input ([required-skill]), which could be exploited if malicious input is provided to the agent.
- [DATA_EXFILTRATION] (SAFE): No patterns related to accessing sensitive files (e.g., .ssh, .aws) or sending data to untrusted remote servers were detected.
- [PROMPT_INJECTION] (SAFE): No instructions attempting to bypass safety filters, extract system prompts, or disregard previous instructions were identified.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill presents an attack surface where untrusted data could influence command execution.
  - Ingestion points: File SKILL.md takes dynamic input for [required-skill] and [Role Name].
  - Boundary markers: Absent; there are no specific delimiters or instructions to ignore embedded commands within the input.
  - Capability inventory: File SKILL.md triggers shell command execution via npx.
  - Sanitization: Absent; the skill name is interpolated directly into the command line template.
Audit Metadata