needle-engine
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a local Node.js utility (scripts/lookup-api.mjs) used by the agent to programmatically search through library type definitions in the workspace.
- [EXTERNAL_DOWNLOADS]: The documentation references official vendor domains (needle.tools, cloud.needle.tools) and CDNs (jsdelivr.net) for fetching engine components and assets. It also utilizes the official needle-tools GitHub Action for deployment.
- [DATA_EXFILTRATION]: The skill provides instructions for deploying project builds to Needle Cloud via GitHub Actions or CLI tools, which is the intended functional purpose of the tool for development workflows.
- [PROMPT_INJECTION]: The skill instructions define an indirect injection attack surface as the agent is directed to ingest and process untrusted project metadata and library source files.
  - Ingestion points: Project-level files such as package.json, tsconfig.json, and library-specific .d.ts files.
  - Boundary markers: No specific delimiters or boundary warnings are implemented in the API lookup script.
  - Capability inventory: File system write access (for CLAUDE.md setup), shell execution for utility scripts, and network access for project deployment.
  - Sanitization: Data read from the filesystem is processed directly without content validation or sanitization.
Audit Metadata