build
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is build automation, mapping project names to predefined
justcommands. This is consistent with its stated purpose of building ESP32 projects. - [PROMPT_INJECTION]: The error analysis phase involves processing build output, which constitutes an indirect prompt injection surface. 1. Ingestion points: Build output from
justcommands. 2. Boundary markers: Absent. 3. Capability inventory:Bash(just:*)andBash(docker:*)tools defined in the frontmatter. 4. Sanitization: Absent. The skill is at low risk as it performs standard log analysis for build troubleshooting. - [COMMAND_EXECUTION]: The skill uses allowed tools to execute containerized builds via
justanddocker. The commands are executed based on explicit logic mapping user input to static command strings, preventing arbitrary command injection.
Audit Metadata