integrate-webapi
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Automated Build and Validation: The skill executes
npm run buildand local Node.js scripts (such asgenerate-uuid.jsandvalidate-webapi-integration.js) for project validation and orchestration. These operations are performed within the local development environment and are standard for ensuring that integrated code is functional and follows vendor conventions. - Analysis of Source Files: The skill reads project source code and data models to identify integration points. This processing of project data represents an area for review regarding indirect instruction processing if the analyzed files contain specific comments.
- Indirect Injection Surface Details: (1) Ingestion points: Site source code files and
.datamodel-manifest.json(Phase 2.1). (2) Boundary markers: No specific markers are used to isolate file content in the instructions provided to sub-agents. (3) Capability inventory: Tools for file writing, editing, and bash execution are available to the skill. (4) Sanitization: Information extracted from project files is used to guide subsequent code generation steps without explicit sanitization. - Environment Interaction: The skill uses the
Bashtool to perform project management tasks like git commits and directory searches, which is standard behavior for a development-focused agent.
Audit Metadata