skills/adobe/skills/prototype/Gen Agent Trust Hub

prototype

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes system commands to facilitate the development workflow.
  • Uses platform-specific commands (open, xdg-open, start) to launch the default web browser and display prototype viewers.
  • Relies on the GitHub CLI (gh) to perform repository authentication, clone external repositories, and create pull requests during the showcase publishing flow.
  • [EXTERNAL_DOWNLOADS]: The skill downloads content from external sources as part of its publishing feature.
  • Clones the stardust showcase repository from paolomoz/stardust-site on GitHub when the --publish-sample flag is used.
  • [DATA_EXFILTRATION]: The skill facilitates the transfer of project artifacts to external repositories.
  • The --publish-sample feature is designed to stage and push locally generated prototype HTML files and associated design metadata to a remote repository on GitHub.
  • [PROMPT_INJECTION]: The skill processes untrusted external data which constitutes an attack surface for Indirect Prompt Injection (Category 8).
  • Ingestion points: Reads captured website content from stardust/current/pages/<slug>.json and renders it into proposed redesigns. It also embeds live URLs in iframes with allow-scripts permissions for comparison.
  • Boundary markers: Implements structured provenance comment blocks (stardust:provenance) in generated HTML files to track input artifacts and direction.
  • Capability inventory: Performs file system writes (writing HTML and Markdown files), executes shell commands (gh, browser openers), and invokes the impeccable skill to perform complex creative tasks.
  • Sanitization: Employs a 'Content sourcing scan' and validation of token/attribute contracts, though it does not explicitly detail sanitization or escaping of executable content (e.g., <script> tags) present in the source website JSON data.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 05:46 PM
Security Audit — agent-trust-hub — prototype