content-driven-development
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs the AEM CLI tool from Adobe's official npm package registry.
- [COMMAND_EXECUTION]: Executes shell commands including aem, npm, git, gh, and curl as part of the standard development, linting, testing, and deployment workflow.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its core functionality. 1. Ingestion points: The workflow involves fetching test content from user-provided URLs and reading local HTML files in the 'drafts/' folder. 2. Boundary markers: The instructions lack explicit delimiters or warnings for the agent to ignore instructions embedded within the data being processed. 3. Capability inventory: The agent has access to shell execution via tools like 'aem', 'npm', and 'git'. 4. Sanitization: No sanitization of the external content or local HTML files is performed before the agent processes them.
Audit Metadata