portfolio-site
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill defines a routine development workflow for a personal portfolio website. No malicious behavior, credential harvesting, or exfiltration was identified.
- [EXTERNAL_DOWNLOADS]: Uses
npm installto fetch project dependencies, which is a standard procedure for Node.js application development. - [COMMAND_EXECUTION]: Employs standard local commands (
npm run dev) to start the development server for the repository. - [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection by reading local documentation files. Ingestion points:
AGENTS.md,docs/USAGE_GUIDE.md,docs/CONTENT_SOURCE.md. Boundary markers: Absent. Capability inventory: Local file modification and shell command execution. Sanitization: Absent.
Audit Metadata