benchmark
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill downloads an installation script for the 'bun' runtime from the official bun.sh domain. The script's integrity is verified using a hardcoded SHA-256 checksum before execution via bash.
- [COMMAND_EXECUTION]: The preamble and setup sections execute numerous shell commands to manage configurations, check for updates, and initialize environment variables. It utilizes local binaries located in the skill's own directory structure.
- [DATA_EXFILTRATION]: The skill implements telemetry logging and artifact synchronization to remote repositories. These features are documented as opt-in and use interactive questions to obtain user permission before activation.
- [INDIRECT_PROMPT_INJECTION]: The benchmark workflow navigates to external URLs and evaluates JavaScript to collect performance metrics, creating a surface for processing untrusted data.
- Ingestion points: External URLs visited during Phase 3 and Phase 5.
- Boundary markers: No specific delimiters are applied to the data retrieved from external pages.
- Capability inventory: The skill utilizes Bash for execution and Write tools for saving reports to the local filesystem.
- Sanitization: Data extracted from web pages via JavaScript evaluation is used for metric calculation without specific filtering for prompt instructions.
Audit Metadata