Skills
skills/rustcrazy/zhulg-skills/easy-app-maker/Gen Agent Trust Hub

easy-app-maker

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill ingests untrusted external data via command arguments which could influence AI output.
  • Ingestion points: skill.json and docs/QUICKSTART.md show commands accepting external files like data sales.csv and knowledge faq.md.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided skill definitions.
  • Capability inventory: The skill is capable of generating functional HTML, JavaScript, and document content.
  • Sanitization: No sanitization or validation of the input file content is defined in the available files.
  • [Remote Code Execution] (SAFE): No instances of downloading and piping remote scripts to shells or interpreters were found.
  • [Credentials Unsafe] (SAFE): No hardcoded secrets, API keys, or private configuration files were detected in the repository structure.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:40 PM