building-edgespark-apps

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to interact with the system using the edgespark CLI for core tasks such as database migrations, storage management, and application deployment. Risks are mitigated by instructions to verify command syntax with --help and to treat generated files as read-only.
  • [SAFE]: The skill implements robust security patterns for handling credentials. The edgespark secret set workflow explicitly uses a human-in-the-loop process where secrets are entered through a secure URL in a browser, preventing them from being exposed to CLI output, agent logs, or LLM context.
  • [SAFE]: Functionality focuses on the correct use of official EdgeSpark SDKs and project structures, encouraging the use of managed UI components and API fetch wrappers rather than manual implementations.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it instructs the agent to read and follow instructions from project-specific configuration files.
    • Ingestion points: The agent reads edgespark.toml and instruction files such as AGENTS.md, CLAUDE.md, or GEMINI.md.
    • Boundary markers: No specific delimiters or safety warnings are implemented for the content of these files.
    • Capability inventory: The agent is authorized to execute shell commands via the edgespark CLI.
    • Sanitization: There is no validation or filtering of the content within the ingested project files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 03:06 AM