app-builder

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill is highly susceptible to Indirect Prompt Injection. Evidence Chain: (1) Ingestion points: User natural language requests are the primary driver in SKILL.md and project-detection.md. (2) Boundary markers: There are no instructions to use delimiters or ignore embedded instructions within user-provided data. (3) Capability inventory: The skill has broad access to Bash, Write, Edit, and Agent tools. (4) Sanitization: There is no logic provided to sanitize user-defined variables (e.g., project names, feature descriptions) before they are used in commands.
  • [COMMAND_EXECUTION] (MEDIUM): The skill uses the Bash tool to run commands like npm install, npx create-next-app, and pip install. If subverted by a malicious request, this allows for arbitrary command execution.
  • [EXTERNAL_DOWNLOADS] (LOW): The templates reference a wide range of external dependencies from npm and PyPI. While standard for development, they represent an external dependency surface.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 06:50 AM