extension-dev

Pass

Audited by Gen Agent Trust Hub on Jul 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the extension CLI and npm scripts to manage the lifecycle of browser extensions, including extension dev, extension build, and extension publish.
  • [EXTERNAL_DOWNLOADS]: Fetches project templates and metadata from the vendor's GitHub repository (github.com/extension-js/examples). These are used for project initialization and are retrieved from trusted sources.
  • [REMOTE_CODE_EXECUTION]: Includes the extension eval tool designed for debugging code within the extension's runtime environment, which is a standard part of the developer toolset.
  • [PROMPT_INJECTION]: The skill processes user-defined extension project files such as manifest.json and source code. While this represents a potential surface for Indirect Prompt Injection, it is a necessary function of the development toolchain.
  • Ingestion points: Reads manifest and script files from the local project directory (e.g., src/manifest.json).
  • Boundary markers: None explicitly mentioned in the instructions for project file ingestion.
  • Capability inventory: Performs code compilation, browser orchestration, and CLI-based debugging (via extension eval).
  • Sanitization: Not explicitly defined; the skill relies on the underlying framework's build process.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 17, 2026, 01:46 PM
Security Audit — agent-trust-hub — extension-dev