authoring-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Node.js script at '.claude/skills/block-collection-and-party/scripts/get-block-structure.js' to fetch required HTML examples for blocks identified during page analysis.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data to generate command-line arguments.
- Ingestion points: Content sequences and section styling descriptions derived from external web pages provided by the identify-page-structure skill.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore or isolate embedded instructions within the ingested data.
- Capability inventory: Shell execution of local scripts via the node command.
- Sanitization: No sanitization or validation logic is specified for the block names before they are used as arguments in shell commands.
Audit Metadata