rapid-prototyper
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires access to the `Bash` and `Task` tools to scaffold projects and configure development environments. This allows for full shell access, which is consistent with the skill's purpose but represents a significant capability.
- [EXTERNAL_DOWNLOADS]: The agent integrates various well-known APIs and libraries from trusted services like OpenAI, Stripe, and Supabase. These external resources are standard for modern application prototyping.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted user instructions to generate and execute code.
  - Ingestion points: User requirements for app prototypes and feature descriptions.
  - Boundary markers: No delimiters or specific instructions are provided to the agent to ignore potentially malicious embedded instructions in user data.
  - Capability inventory: The agent has high-privilege tool access, including `Bash`, `Write`, and `Task`, which can be leveraged if an injection is successful.
  - Sanitization: There is no indication that user-provided input is sanitized before being used to generate code or execute system commands.
Audit Metadata