astro-builder

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The file references/turso-setup.md contains instructions to download and execute an installation script from Turso's official domain via curl -sSfL https://get.tur.so/install.sh | bash.
  • [COMMAND_EXECUTION]: The skill generates an executable shell script at scripts/generate-image.sh (as detailed in references/image-generation.md) that uses curl for API interactions and python3 for processing JSON data.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface during its Discovery phase.
      * Ingestion points: Untrusted user input defining the site's niche, goals, and content in SKILL.md.
      * Boundary markers: No delimiters or specific instructions to ignore embedded commands are used for this input.
      * Capability inventory: The skill can execute shell commands, write files to the local filesystem, and perform network requests.
      * Sanitization: There is no evidence of validation or sanitization for the user-supplied strings before they are interpolated into project code.
  • [EXTERNAL_DOWNLOADS]: As described in references/image-generation.md, the skill fetches image data from Google's Gemini API at generativelanguage.googleapis.com to create custom assets.
  • [DYNAMIC_EXECUTION]: The skill's fundamental operation involves the dynamic generation of project files and scripts which are subsequently compiled or executed to build the user's website.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 8, 2026, 11:40 PM