publish-research-site

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE (tags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard development tools including npm, vercel, gh, and yt-dlp. These are used for building the site, deploying to Vercel, and interacting with GitHub repositories.
  • [EXTERNAL_DOWNLOADS]: The skill fetches the Vercel CLI and project dependencies from the official NPM registry. These downloads originate from well-known and trusted services.
  • [REMOTE_CODE_EXECUTION]: The command npx vercel@latest downloads and executes the latest published version of the deployment tool at runtime. This is a standard practice for ensuring the current CLI version is used during deployment.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external web content through a deep research phase to generate website code. While this creates a surface for indirect prompt injection, the skill mitigates this by using a structured site brief template and requiring local verification and build steps before deployment.
      • Ingestion points: Web research data processed via the $deep-research skill.
      • Boundary markers: Use of references/site-brief-template.md to structure information.
      • Capability inventory: Build (npm run build) and deployment (vercel --yes) commands.
      • Sanitization: Local verification checks (linting, production builds) are mandated before deployment.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 13, 2026, 01:17 AM
Security Audit — agent-trust-hub — publish-research-site