building-edgespark-apps
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains standard operational instructions for the AI agent and does not exhibit any attempts to bypass safety filters or override system constraints. No malicious instruction patterns were found.
- [CREDENTIALS_UNSAFE]: The instructions explicitly emphasize that secret values must never pass through the CLI output, agent context, or LLM API calls. It implements a secure hand-off where the agent provides a URL for the human user to enter secrets directly in a browser.
- [COMMAND_EXECUTION]: The skill directs the agent to execute commands using the
edgesparkCLI. These commands are limited to the vendor-provided tool for managing the project infrastructure (deployments, migrations, and auth configuration). - [EXTERNAL_DOWNLOADS]: The skill references official vendor resources, including the
@edgespark/webSDK and theedgesparkCLI. These are standard dependencies for the platform and are consistent with the skill's stated purpose. - [INDIRECT_PROMPT_INJECTION]: The agent is instructed to read project-level files such as
edgespark.tomland instruction files likeAGENTS.md. While these constitute an ingestion surface for external data, the skill's focus on a specific CLI tool and the clear boundaries for secret handling mitigate potential risks associated with processing these files.
Audit Metadata