Skills
skills/rjyo/moshi-skill/play-developer-console/Gen Agent Trust Hub

play-developer-console

Warn

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run a local custom CLI tool named play and use development runtimes like Bun for testing and type-checking within local directories.
  • [DATA_EXFILTRATION]: The skill targets specific absolute paths on the host system (/Users/jyo/...) and interacts with environment files (play/.env) which may contain sensitive configuration data.
  • [PROMPT_INJECTION]: The skill processes untrusted external data in the form of marketing assets and release notes, creating an attack surface for indirect prompt injection.
  • Ingestion points: Local files in play/metadata/ and play/release-notes/ used in command arguments.
  • Boundary markers: None present; content is passed directly to command-line flags.
  • Capability inventory: Execution of local CLI commands, file system read/write, and Bun runtime operations.
  • Sanitization: No evidence of input validation or escaping for the processed text files.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 29, 2026, 04:45 PM