skills/adobe/skills/handover-admin/Gen Agent Trust Hub

handover-admin

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: Executes local shell commands to navigate the project structure, manage local configuration in .claude-plugin/, and use Node.js for JSON parsing.
  • [EXTERNAL_DOWNLOADS]: Communicates with Adobe's official AEM Admin API (https://admin.hlx.page) to retrieve site configurations and project details. This is an expected behavior for an Adobe-authored management tool.
  • [DATA_EXFILTRATION]: Accesses the local IMS token file at ~/.aem/ims-token.json to authenticate API requests to Adobe services. While this involves sensitive credential access, it is performed by the vendor's own skill to interact with its official infrastructure.
  • [PROMPT_INJECTION]: Subject to Indirect Prompt Injection (Category 8). The skill fetches site metadata from an external API and interpolates it into the generated documentation without explicit sanitization.
  • Ingestion points: Site configuration data retrieved from https://admin.hlx.page/config/ (documented in Phase 1.1).
  • Boundary markers: Absent; API data is placed directly into markdown templates for the admin guide.
  • Capability inventory: The skill can write files (Write), execute shell commands (Bash), and invoke other skills (Skill).
  • Sanitization: No sanitization or validation of the external API content is performed before generating the ADMIN-GUIDE.md file.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 12:29 PM
Security Audit — agent-trust-hub — handover-admin