Skills
skills/yistc/skills/hono/Gen Agent Trust Hub

hono

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and executes the @hono/cli package using bunx. This is a standard operation for interacting with the Hono web framework's official tooling.
  • [COMMAND_EXECUTION]: Executes shell commands via the Hono CLI to perform documentation searches, view API references, test application endpoints, and optimize build bundles.
  • [PROMPT_INJECTION]: Presents an indirect prompt injection surface through the following characteristics: \n
  • Ingestion points: Retrieves external content via hono search and hono docs, and reads local application files through hono request. \n
  • Boundary markers: Lacks explicit boundary markers or instructions for the agent to ignore potentially malicious instructions embedded in the processed data. \n
  • Capability inventory: Utilizes shell command execution (bunx) and file system access to perform its primary tasks (SKILL.md). \n
  • Sanitization: Does not specify any sanitization or validation mechanisms for the data retrieved from external documentation or local files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 23, 2026, 10:41 PM