artifacts-builder

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell scripts (scripts/init-artifact.sh and scripts/bundle-artifact.sh) to initialize the environment and bundle the final output.
  • [EXTERNAL_DOWNLOADS]: The bundling process involves downloading and installing several Node.js packages from public registries, including parcel, @parcel/config-default, parcel-resolver-tspaths, and html-inline.
  • [PROMPT_INJECTION]: The skill operates by transforming user-provided descriptions into functional code artifacts, creating a surface for indirect prompt injection. Maliciously crafted user prompts could attempt to influence the agent's behavior or embed instructions into the generated codebase.
    • Ingestion points: User requests and design specifications provided to the agent for artifact creation (referenced in the general development workflow).
    • Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the skill definition.
    • Capability inventory: Includes shell command execution (bash), file system writes (editing generated files), and network access for package installation.
    • Sanitization: The skill does not define specific sanitization or validation logic for the input used to generate code.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 03:28 AM