Skills
skills/usehyperstack/skills/hyperstack-build/Gen Agent Trust Hub

hyperstack-build

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the hyperstack-cli utility via cargo install or npm install as part of the project setup.
  • [COMMAND_EXECUTION]: Executes shell commands through the hs CLI and cargo for building Rust projects and managing stack deployments as described in SKILL.md.
  • [DATA_EXFILTRATION]: The hs up command is used to deploy locally developed stack code and configurations to the vendor's cloud infrastructure.
  • [CREDENTIALS_UNSAFE]: The hs auth login command handles API keys for account authentication, which are provided via command-line flags or interactive prompts.
  • [PROMPT_INJECTION]: The skill processes Solana IDL files sourced from external locations, which represents an indirect prompt injection surface.
  • Ingestion points: IDL JSON files located in the idl/ directory, as referenced in the stack definition module in SKILL.md.
  • Boundary markers: No specific boundary markers or "ignore instructions" warnings are identified for the data processing pipeline.
  • Capability inventory: Deployment capabilities via hs up and build operations via cargo build are available to the skill.
  • Sanitization: No explicit sanitization or schema validation for external IDL content is mentioned in the documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 02:26 AM