building-edgespark-apps

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill contains standard operational instructions for the AI agent and does not exhibit any attempts to bypass safety filters or override system constraints. No malicious instruction patterns were found.
  • [CREDENTIALS_UNSAFE]: The instructions explicitly emphasize that secret values must never pass through the CLI output, agent context, or LLM API calls. It implements a secure hand-off where the agent provides a URL for the human user to enter secrets directly in a browser.
  • [COMMAND_EXECUTION]: The skill directs the agent to execute commands using the edgespark CLI. These commands are limited to the vendor-provided tool for managing the project infrastructure (deployments, migrations, and auth configuration).
  • [EXTERNAL_DOWNLOADS]: The skill references official vendor resources, including the @edgespark/web SDK and the edgespark CLI. These are standard dependencies for the platform and are consistent with the skill's stated purpose.
  • [INDIRECT_PROMPT_INJECTION]: The agent is instructed to read project-level files such as edgespark.toml and instruction files like AGENTS.md. While these constitute an ingestion surface for external data, the skill's focus on a specific CLI tool and the clear boundaries for secret handling mitigate potential risks associated with processing these files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 09:35 PM
Security Audit — agent-trust-hub — building-edgespark-apps