Skills
skills/wasp-lang/claude-plugins/start-dev-server/Gen Agent Trust Hub

start-dev-server

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill executes standard local development commands (wasp start, wasp start db, wasp db migrate-dev). These operations are consistent with the skill's primary purpose.
  • [DATA_EXPOSURE] (LOW): The skill accesses the .env.server file to check for the DATABASE_URL. While environment files are sensitive, the access is restricted to local grep operations to determine configuration state, and no data is transmitted externally.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill reads data from local configuration files (.env.server, schema.prisma) which could theoretically contain malicious instructions.
  • Ingestion points: Reading .env.server and schema.prisma content into the agent context.
  • Boundary markers: Absent; the skill does not use specific delimiters when reading these files.
  • Capability inventory: Subprocess execution via wasp CLI and interaction with local network ports (3000, 3001).
  • Sanitization: None detected for file content ingestion, but the risk is low as these are typically developer-controlled files.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:38 PM