web-artifacts-builder
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [Unverifiable Dependencies & Remote Code Execution] (HIGH): The skill relies on 'scripts/init-artifact.sh' and 'scripts/bundle-artifact.sh' which are not provided for review. Executing unvetted local shell scripts is a high-risk activity that can lead to arbitrary code execution.
- [External Downloads] (MEDIUM): The bundling script installs several Node.js packages from external registries at runtime, including 'parcel', '@parcel/config-default', 'parcel-resolver-tspaths', and 'html-inline'.
- [Indirect Prompt Injection] (HIGH): The skill creates an attack surface where untrusted data is processed by high-privilege tools.
  1. Ingestion points: User-provided code files and project names.
  2. Boundary markers: Absent (no delimiters or instructions to ignore embedded commands).
  3. Capability inventory: Command execution via shell scripts, file system writes, and bundling processes.
  4. Sanitization: Absent.

  Malicious code within a generated artifact could potentially exploit the build environment.
Recommendations
- AI detected serious security threats