Skills
skills/netlify/context-and-tools/netlify-identity/Gen Agent Trust Hub

netlify-identity

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs installation of the @netlify/identity library from the official npm registry.
  • [COMMAND_EXECUTION]: Provides instructions for using standard Netlify CLI commands to deploy and test functions.
  • [PROMPT_INJECTION]: The documentation describes Identity Event Functions that ingest untrusted user data during account creation events, creating a surface for indirect prompt injection. 1. Ingestion points: netlify/functions/identity-signup.mts (processes event.body). 2. Boundary markers: No explicit boundary markers or warnings against processing embedded instructions are present in the snippets. 3. Capability inventory: These functions have the capability to modify user roles and metadata. 4. Sanitization: No sanitization or validation of user-provided data is shown in the examples.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 06:12 AM