agent-sdk-builder
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill interpolates the INITIAL_PROMPT input into its instructions, creating a surface for potential behavior override. It also ingests external documentation and code from OpenHands web and GitHub sources without explicit boundary markers or sanitization, while maintaining capabilities for file writing and web server execution.
- [EXTERNAL_DOWNLOADS]: The agent clones repositories and fetches documentation from official OpenHands sources (github.com/OpenHands and docs.openhands.dev). These resources are trusted as they originate from the skill author's own infrastructure.
- [COMMAND_EXECUTION]: The skill is designed to generate implementation code in the output/ directory and host a visual diagram via a built-in web server. These actions are integral to the agent-building process and operate within the expected workspace environment.
Audit Metadata