Skills
skills/manaflow-ai/cmux-skills/cmux-artifact/Gen Agent Trust Hub

cmux-artifact

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its handling of untrusted data from logs and transcripts.
  • Ingestion points: Collects terminal output, command transcripts, and logs in SKILL.md (Step 1).
  • Boundary markers: No explicit markers are used to isolate ingested data from agent instructions.
  • Capability inventory: Possesses capabilities for shell command execution, workspace management, and running local scripts via node and bun (SKILL.md).
  • Sanitization: The skill mandates redaction of credentials but does not address sanitization of instructions within ingested content.
  • [COMMAND_EXECUTION]: The skill executes shell commands and scripts as part of its core functionality.
  • Evidence: Uses node -e for path-to-URL conversion and bun run to host local artifacts (SKILL.md). These actions are performed on local or generated files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 07:18 AM
Security Audit — agent-trust-hub — cmux-artifact