saccoai-client-portal

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the open command to present the generated static review portal to the user. It also utilizes the vercel CLI to manage deployments and cloud marketplace resources.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with Vercel's infrastructure to deploy Next.js applications and provision Upstash Redis instances for real-time feedback storage.
  • [PROMPT_INJECTION]: The skill processes untrusted input from client-provided feedback which is used to inform downstream cleanup and merge tasks.
      • Ingestion points: Reads user-provided feedback.json files and fetches feedback strings from remote Redis databases.
      • Boundary markers: None identified; the skill directly parses and presents the content of the feedback fields.
      • Capability inventory: Includes shell command execution (open, vercel) and project cleanup capabilities via integration with the saccoai-design-variations skill.
      • Sanitization: No explicit sanitization or filtering of the feedback text is performed before it is presented to the user or passed to the cleanup phase.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 27, 2026, 09:17 AM