app-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill interprets natural language requests to perform actions using powerful tools (Bash, Write). This is the intended primary purpose of an 'App Builder' orchestrator. While this creates a vulnerability surface where a malicious user could attempt to inject commands, the skill itself follows best practices and contains no malicious instructions.
- Ingestion points: User natural language requests for project creation (SKILL.md, project-detection.md).
- Boundary markers: None explicitly defined in the markdown logic.
- Capability inventory: Bash, Write, Edit, Glob, Grep, Agent (SKILL.md).
- Sanitization: Not explicitly implemented; relies on the underlying LLM safety filters and user oversight during execution.
- [External Downloads] (SAFE): The skill references standard, well-known libraries and frameworks from trusted public registries. All download commands (npm install, pip install) are standard for the development workflows described.
- [Command Execution] (SAFE): The use of Bash is limited to routine project initialization, dependency management, and local development server commands (e.g., npx, uvicorn, flutter run).
Audit Metadata