Skills
skills/vechain/vechain-ai-skills/frontend/Gen Agent Trust Hub

frontend

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to perform standard development operations such as environment management via nvm use and project builds with npm run build.
  • [EXTERNAL_DOWNLOADS]: Mentions the use of npx create-vechain-dapp@latest for project initialization. This command fetches and executes the official scaffolding tool from the npm registry, which is a standard procedure for this vendor's ecosystem.
  • [PROMPT_INJECTION]: The skill processes user input and project files to adapt its behavior, creating a surface for indirect prompt injection. \n
  • Ingestion points: Reads project-specific files such as .nvmrc and turbo.json (SKILL.md). \n
  • Boundary markers: None identified. \n
  • Capability inventory: Execution of developer tools including nvm, npm, and npx (SKILL.md, references/frontend.md). \n
  • Sanitization: None identified. This surface is functional for the intended use-case of automated project configuration.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 10:32 AM