Skills
skills/opusgamelabs/game-creator/quick-game/Gen Agent Trust Hub

quick-game

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes npm install, npm run dev, and npm run build within the scaffolded game directory to initialize and test the project.
  • [EXTERNAL_DOWNLOADS]: Fetches game inspiration from external Twitter/X URLs via the fetch-tweet tool.
  • [EXTERNAL_DOWNLOADS]: Downloads project dependencies from the NPM registry during the scaffold process.
  • [PROMPT_INJECTION]: Potential for indirect prompt injection as game concepts are derived from external tweet content and passed to a subagent for implementation.
  • Ingestion points: Tweet content fetched from external URLs (SKILL.md).
  • Boundary markers: None specified for the subagent Task instructions.
  • Capability inventory: File system access, shell execution, and subagent task creation across all scripts.
  • Sanitization: No sanitization of tweet content is mentioned before it influences code generation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 07:30 PM