deity-agent-builder
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the TerminalExecute tool from the @limo-labs/deity-tools package, which enables agents to run shell commands. This is a core feature of the documented framework intended for developers and is attributed to the vendor's own infrastructure.
- [DATA_EXPOSURE]: Documentation includes tools for file system interaction (FileList, FileRead, FileSearchContent). These tools are part of the framework's capability to allow agents to analyze project codebases as part of their intended functionality.
- [DYNAMIC_EXECUTION]: A template in templates/agent-with-tools.md includes an example of a calculator tool using the JavaScript Function constructor. The example is explicitly marked with a TODO comment advising developers to use a safer evaluator for production code.
- [INDIRECT_PROMPT_INJECTION]: The skill provides patterns for building agents that ingest untrusted external data (via file reading or web searching).
  - Ingestion points: Tools like FileRead and WebFetch in reference/tools-reference.md allow external data into the agent context.
  - Boundary markers: Templates in templates/agent-full.md use structured XML-like tags (, ) to separate instructions from data.
  - Capability inventory: The framework supports potentially high-impact capabilities like TerminalExecute and file writing.
  - Sanitization: While the framework provides the structure, specific sanitization logic is left to the developer implementing the templates.
Audit Metadata