setup-fa

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8).
      • Ingestion points: Project files are analyzed via a subagent (Step 1) and external documentation is retrieved via WebFetch from docs.fontawesome.com (Steps 3 and 5).
      • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the ingested data.
      • Capability inventory: The skill can execute package manager commands (npm, yarn, pnpm) and write to project files such as .npmrc, .font-awesome.md, and template files.
      • Sanitization: No validation or sanitization of external content is performed before it is processed by the agent.
  • [EXTERNAL_DOWNLOADS]: Fetches setup guidelines and documentation from the vendor's official documentation site (docs.fontawesome.com) and installs packages from the official vendor registry.
  • [COMMAND_EXECUTION]: Executes the Font Awesome CLI (fa) and standard package managers to automate project configuration and dependency installation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 18, 2026, 02:54 AM