agent-portfolio
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the GitHub CLI (gh) for repository setup and management. It also uses npm and npx to bootstrap the Astro project and install the required dependencies, and it generates deployment credentials with ssh-keygen.
- [EXTERNAL_DOWNLOADS]: The skill downloads Astro templates and Tailwind CSS from the official npm registry. It also uses verified GitHub Actions, withastro/action and peaceiris/actions-gh-pages, for the build and deployment process.
- [CREDENTIALS_UNSAFE]: The skill manages SSH deploy keys to allow cross-repository pushes. It adheres to security standards by storing the key in a GitHub Secret (DEPLOY_KEY) and by instructing the user to delete the local key files immediately after configuration.
- [DATA_EXFILTRATION]: Data from agent reports and resumes is processed locally to generate site content and is transmitted only to the user's own GitHub repositories for hosting. No evidence of unauthorized data transfer to third-party services was found.
- [PROMPT_INJECTION]: The skill is potentially vulnerable to indirect prompt injection from the markdown reports and resume files it processes. Ingestion points: the reports/ and materials/ directories. Boundary markers: no explicit delimiters are used in the parsing logic. Capability inventory: the skill can write files locally and push to GitHub. Sanitization: this risk is mitigated by a mandatory manual review step (Step 4), in which the user previews the site locally before final deployment.
Audit Metadata