ln-773-cors-configurator

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local system commands for environment detection and validation purposes. Specifically, it uses grep for idempotency checks, dotnet build or python -m py_compile for syntax validation, and curl for local preflight request testing against localhost.
  • [EXTERNAL_DOWNLOADS]: The diagram.html file includes a reference to the Mermaid.js library via cdn.jsdelivr.net. This is a well-known and trusted Content Delivery Network (CDN) service used for rendering workflow diagrams.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses an indirect injection surface as it ingests data from untrusted local project files.
      • Ingestion points: Reads project directory structures and configuration files like .env and appsettings.json to detect frontend origins.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded content are defined for the input files.
      • Capability inventory: The skill can perform file writes, execute build commands, and trigger local network requests via curl.
      • Sanitization: The skill does not explicitly detail sanitization logic for the data read from project files before using it in code generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 07:47 PM