web-artifacts-builder
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes bash scripts to automate the lifecycle of a frontend project, including directory creation, file system manipulation, and artifact bundling.
- [EXTERNAL_DOWNLOADS]: The tool installs a comprehensive list of standard, well-known frontend packages from the npm registry to support React development and shadcn/ui component integration.
- [COMMAND_EXECUTION]: During initialization, the script attempts to install the pnpm package manager globally if it is missing, which is a common setup procedure for this toolchain.
- [COMMAND_EXECUTION]: Node.js is used to dynamically parse and update project configuration files (tsconfig.json) to ensure proper path alias support.
- [PROMPT_INJECTION]: The tool's architecture, which involves processing and bundling code that may be modified by an agent or user, creates a surface for indirect prompt injection.
- Ingestion points: Project source files created and edited during development (e.g., src/App.tsx).
- Boundary markers: No specific boundary markers or 'ignore' instructions are present in the scripts.
- Capability inventory: The skill can execute shell commands, install npm packages, and run bundling tools like Parcel.
- Sanitization: The bundling process does not perform sanitization or validation of the input source code beyond standard compilation checks.
Audit Metadata