citycraft

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes several local utility scripts (run_preview.py, get_city_tokens.py, extract_variant.py) to manage design component extraction and the interactive selection workflow. These scripts facilitate communication between the AI agent and a local web browser bridge.
  • [COMMAND_EXECUTION]: Shell utilities including sed, eval, and mkdir are used to assemble the project files and inject design tokens. The eval command specifically processes output from the internal color extraction script.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to run the netlify and vercel deployment tools and references the GSAP library from Cloudflare's CDN. These are well-known and trusted external services.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests untrusted user input (product name and headline) and uses it in shell command arguments.
    • Ingestion points: SKILL.md (Step 2 and Step 3 script blocks).
    • Boundary markers: Absent; user input is directly substituted into command strings.
    • Capability inventory: The skill uses eval, sed, npx, and gh to process input and perform network and system operations.
    • Sanitization: Absent; the input is not validated or escaped before being passed to the shell sink.
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) to automate the creation of public repositories and the configuration of GitHub Pages for the generated sites.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 06:31 PM