web-artifacts-builder
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (HIGH): The skill documentation states that bundle-artifact.sh installs multiple npm packages (parcel, html-inline, etc.) at runtime. This creates a dependency on external sources that could be compromised.
- [COMMAND_EXECUTION] (HIGH): The core functionality relies on bash scripts (init-artifact.sh and bundle-artifact.sh) which have the ability to execute arbitrary system commands.
- [REMOTE_CODE_EXECUTION] (HIGH): The skill facilitates the download and execution of code from the npm registry via shell scripts, which is a common vector for supply-chain attacks.
- [Indirect Prompt Injection] (HIGH): The skill processes untrusted code provided by the user/agent.
  - Ingestion points: React and TypeScript source files within the initialized project directory.
  - Boundary markers: None. The bundling script processes all files in the project root.
  - Capability inventory: Shell execution (bash), package installation (npm), and file creation.
  - Sanitization: None. No content validation is performed prior to the bundling process.
Recommendations
- AI detected serious security threats