web-artifacts-builder

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The init-artifact.sh script uses the user-provided project name argument directly in shell commands and directory navigation. If the project name contains shell metacharacters, it could lead to arbitrary command execution on the host system.
  • [COMMAND_EXECUTION]: The initialization script performs a global installation of pnpm via npm install -g pnpm, which affects the global system environment.
  • [EXTERNAL_DOWNLOADS]: The skill fetches numerous standard frontend development packages from the NPM registry.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface through the project name input.
      • Ingestion points: $PROJECT_NAME argument in scripts/init-artifact.sh
      • Boundary markers: None provided to prevent command injection or name manipulation
      • Capability inventory: Shell command execution, directory management, and package installation
      • Sanitization: No validation or escaping is performed on the project name before usage in shell commands
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 01:35 AM