create-agent-adapter
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The documentation describes an architecture that utilizes `runChildProcess()` to execute CLI-based agents on the host machine. This is the primary intended function of the adapter system. The guide includes safety warnings against using `eval()` on process output.
- [EXTERNAL_DOWNLOADS]: The skill references several Node.js dependencies in its templates, including `@paperclipai/adapter-utils` and `picocolors`. These originate from the vendor or well-known public registries and are documented for development purposes.
- [NO_CODE]: This skill consists entirely of technical documentation and code templates in Markdown format. It does not include any executable scripts or binaries within its own distribution.
- [INDIRECT_PROMPT_INJECTION]: The guide describes a system that ingests and parses untrusted output from LLM-driven agents in `server/parse.ts` and `ui/parse-stdout.ts`. While this constitutes an attack surface, the documentation provides remediation guidance:
  - Ingestion points: Agent stdout and stderr parsed in the server and UI modules.
  - Boundary markers: The templates recommend structured parsing of output lines.
  - Capability inventory: Adapters are designed to use `runChildProcess()` for command execution and `fetch()` for network requests.
  - Sanitization: The guide explicitly recommends using safe extraction helpers (`asString`, `parseJson`) and warns against dynamic execution of agent output.
Audit Metadata