frontend-mix-validate
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands for package installation and project validation, including
bun install,npm install,pnpm install,tsc --noEmit, andeslint. These are standard operations for the skill's primary purpose of frontend application validation. - [EXTERNAL_DOWNLOADS]: Package manager commands initiate downloads from external registries (e.g., npmjs.org). This behavior is expected and necessary for the stated purpose of validating integrated applications.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection by ingesting and executing toolchain commands from an external integration summary file.
- Ingestion points: The integration summary file provided via
$ARGUMENTSinSKILL.mdis read to extract commands. - Boundary markers: Absent; the agent is instructed to directly match the commands and toolchain documented in the summary.
- Capability inventory: The skill can execute shell commands and modify source files across the repository.
- Sanitization: There is no explicit validation or sanitization of the extracted commands before they are executed.
Audit Metadata