brand-compile
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs shell command execution to handle token processing. It executes a JavaScript CLI at the local path '~/Development/brand-kit/dist/src/cli.js' using Node.js for validation and compilation tasks. Additionally, it runs 'pnpm typecheck' or 'npx tsc' to verify project integrity.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes external data files without explicit security boundaries.
  - Ingestion points: The skill reads data from 'brand.yaml', 'brand-profile.yaml', and 'design-tokens.json' within the project root.
  - Boundary markers: No delimiters or 'ignore' instructions are provided to prevent the agent from following commands that might be embedded in the YAML or JSON data.
  - Capability inventory: The agent can execute system commands and perform file system writes based on the instructions derived from the input files.
  - Sanitization: There is no evidence of content validation or sanitization before the data is processed by the CLI tool or the agent.