Skills
skills/wasp-lang/open-saas/getting-started/Gen Agent Trust Hub

getting-started

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill employs a workflow that fetches instructions from external documentation (docs.opensaas.sh) and follows them to perform setup tasks. While this is the intended functionality for onboarding, it represents an indirect prompt injection surface.
  • Ingestion points: Documentation map and guides fetched in SKILL.md.
  • Boundary markers: None; external content is followed as the authoritative source of instructions.
  • Capability inventory: Shell command execution (wasp CLI) and project management commands.
  • Sanitization: Instructions from the remote guide are processed directly by the agent.
  • [EXTERNAL_DOWNLOADS]: Fetches project maps and documentation from the vendor's official domain (docs.opensaas.sh) and GitHub repositories.
  • [COMMAND_EXECUTION]: Runs the 'wasp version' command to verify environment state and executes standard project startup commands (database migrations, server start) as guided by the documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 05:00 PM