skills/adobe/skills/development/Gen Agent Trust Hub

development

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches site configuration and project metadata from Adobe's official AEM administration API (admin.hlx.page). These requests are part of the intended vendor-related functionality and use official Adobe domains.
  • [COMMAND_EXECUTION]: The agent uses the Bash tool to traverse the project directory, analyze git commit history for boilerplate filtering, and extract implementation details from source code files to build the documentation content.
  • [CREDENTIALS_UNSAFE]: The skill accesses an authentication token stored in a local configuration file (.claude-plugin/project-config.json). It implements security best practices by attempting to add this directory to the project's .gitignore file to prevent accidental credential leakage to the repository.
  • [PROMPT_INJECTION]: The skill contains instructions to process information "silently" without showing the user, which is a minor form of output concealment. Additionally, the skill has an indirect prompt injection surface because it reads and analyzes code from the repository while having powerful tools enabled (Bash, Write). While no active exploitation was found, the design allows processed data to influence agent behavior.
  • [SAFE]: The skill's operations are consistent with its stated purpose of generating technical documentation for the vendor's platform. No malicious patterns such as exfiltration to unauthorized third-party domains or code obfuscation were detected.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 06:50 AM