app-builder
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute shell commands for project initialization and dependency management, such as 'npm install', 'pip install', and 'flutter create', across numerous technology templates including Next.js, FastAPI, and Electron.
- [EXTERNAL_DOWNLOADS]: The templates guide the agent to fetch third-party libraries and frameworks from official and well-known registries such as NPM, PyPI, and Pub.dev to support the selected technology stacks.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it orchestrates code generation and file system operations based on natural language requests.
  - Ingestion points: Natural language user requests are processed in 'SKILL.md' and 'project-detection.md' to determine project structure and content.
  - Boundary markers: Absent; the instructions do not specify delimiters or warnings to disregard instructions potentially embedded within user-provided data.
  - Capability inventory: The agent has extensive capabilities including writing code files and executing shell commands for scaffolding and dependency management across all template files.
  - Sanitization: Absent; no instructions are provided to sanitize or escape user input before it is used to influence the generated project structure or content.