content-driven-development

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Installs the AEM CLI tool from Adobe's official npm package registry.
  • [COMMAND_EXECUTION]: Executes shell commands including aem, npm, git, gh, and curl as part of the standard development, linting, testing, and deployment workflow.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its core functionality. 1. Ingestion points: The workflow involves fetching test content from user-provided URLs and reading local HTML files in the 'drafts/' folder. 2. Boundary markers: The instructions lack explicit delimiters or warnings for the agent to ignore instructions embedded within the data being processed. 3. Capability inventory: The agent has access to shell execution via tools like 'aem', 'npm', and 'git'. 4. Sanitization: No sanitization of the external content or local HTML files is performed before the agent processes them.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 07:35 AM
Security Audit — agent-trust-hub — content-driven-development