sapiom-agent-builder

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The deployment documentation includes examples using execSync to package code into ZIP files.
  • [REMOTE_CODE_EXECUTION]: The skill enables deploying JavaScript code to blaxel.services.sapiom.ai for scheduled execution.
  • [EXTERNAL_DOWNLOADS]: Local testing instructions involve downloading packages via npm install.
  • [PROMPT_INJECTION]: The templates exhibit an indirect injection surface.
      • Ingestion points: Scraped markdown in templates/llm-agent.js.
      • Boundary markers: Template system prompts.
      • Capability inventory: Network requests and code deployment.
      • Sanitization: Truncation is used, but there is no content validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 08:48 AM