api-designer
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes
run_commandto executenpx @redocly/cli lint, which involves fetching the Redocly CLI package from the npm registry at runtime. - [COMMAND_EXECUTION]: The skill is configured to use the
run_commandtool to perform API validation and linting, which is a standard part of its primary functionality as an API designer. - [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection because it ingests untrusted data from the user's local codebase and has powerful capabilities to write files and execute commands.
- Ingestion points: The skill uses
read_fileandgrepto analyze existing API code, route definitions, and middleware. - Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from being influenced by malicious instructions contained within the analyzed source files.
- Capability inventory: The skill possesses file-writing capabilities (
rewrite_file,edit_file,create_file_or_folder) and command execution capabilities (run_command). - Sanitization: No sanitization or validation of the ingested file content is performed prior to the agent processing it.
Audit Metadata