feature-builder
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided feature requirements to generate code and execute shell commands, creating an attack surface for indirect prompt injection.\n
- Ingestion points: User feature requests (e.g., "Implement user authentication") as described in the "When to Use This Skill" section of SKILL.md.\n
- Boundary markers: The skill lacks explicit instructions or delimiters to isolate user-provided requirements during the code generation process.\n
- Capability inventory: The skill is granted access to potentially dangerous tools including
Write,Edit, andBash.\n - Sanitization: No sanitization or validation of the user's natural language requirements is performed before they are incorporated into generated file content or command arguments.\n- [COMMAND_EXECUTION]: The skill utilizes the
Bashtool to perform project environment setup and dependency installation.\n - Evidence: SKILL.md Step 5 demonstrates executing
npm installto set up the project environment.\n- [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of external libraries via the standard NPM registry.\n - Evidence: SKILL.md Step 5 recommends installing well-known, industry-standard packages including
@tanstack/react-query,zustand,zod, andaxios.
Audit Metadata