interactive-study-guide
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [Command Execution] (MEDIUM): The skill executes a local shell script (`scripts/scaffold.sh`) and starts a development server via `npx vite`. These commands use project-specific arguments that could be subject to injection if the input data or project metadata is maliciously crafted.
- [External Downloads] (MEDIUM): The workflow involves running `npm install` and `npx vite`, which download and execute code from the public npm registry. This introduces risks related to supply chain attacks and untrusted dependency execution.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted markdown files as its primary input.
  1. Ingestion points: User-provided markdown file path in Step 1.
  2. Boundary markers: None; parsing depends on expected heading patterns.
  3. Capability inventory: Local bash script execution, npm package installation, and Vite server execution.
  4. Sanitization: No sanitization or validation of the input markdown content is described before it is transformed into application code.
- [Dynamic Execution] (MEDIUM): The skill is designed for dynamic code generation, creating a Vite-based single-page application and individual interactive components based on the input data, then executing this generated code via a local development server.