arkui-api-design
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines a set of operational shell commands for the agent to use within a local development environment. This includes execution of a build script (./build.sh) with specific flags for product compilation and the use of the grep utility to check for API exports in the out/ directory. These commands are legitimate and necessary for the skill's primary functionality of ArkUI SDK development and validation.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists where user-defined component property or method names are used within shell command templates (e.g., grep commands). This is a common pattern in development utility skills; the instructions provide typical workflows but do not explicitly specify input sanitization for the interpolated shell parameters.
  - Ingestion points: User-provided property and method names used to update ArkUI component definitions (found in SKILL.md and README.md).
  - Boundary markers: None identified in the shell command templates for input delimiting.
  - Capability inventory: Local shell execution for building the SDK and verifying interface files (README.md, SKILL.md).
  - Sanitization: No specific validation or escaping logic for user input used in command-line arguments is mentioned.
Audit Metadata