configure-cache-busting
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform project discovery, executing commands like pwd and find to locate configuration files and build directories.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from untrusted local files (e.g., package.json, next.config.js, vite.config.ts) without sanitization.
  - Ingestion points: Reads project dependencies and framework configurations from the local filesystem in Step 1 and Step 2.
  - Boundary markers: Does not implement boundary markers or instructions to ignore embedded commands when reading external file content.
  - Capability inventory: The skill has the capability to write and edit files and execute shell commands via Bash.
  - Sanitization: No evidence of sanitization or validation is present for the content extracted from project files before it is processed or used in configuration templates.
- [COMMAND_EXECUTION]: The skill generates a new Node.js script (scripts/verify-cache-busting.js) on the user's filesystem and configures package.json to execute it. This pattern of generating and then facilitating the execution of code is a sensitive operation, even when using predefined templates.
Audit Metadata