initial-build
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes external data including manifest.json files and dataset schemas which presents a surface for indirect prompt injection.
- Ingestion points: Reads existing manifest.json during app takeover and fetches dataset schemas via dataset-query tool.
- Boundary markers: The instructions lack explicit delimiters to separate external data from the agent's logic.
- Capability inventory: Includes file system writes, manifest updates, and command execution via the publish and npm tools.
- Sanitization: Input from manifests or schemas is not explicitly validated or sanitized before being used to guide the build process.
- [COMMAND_EXECUTION]: The skill directs the agent to run shell commands for building and publishing apps, specifically npm run build and domo publish.
- [EXTERNAL_DOWNLOADS]: Mentions dependencies on official and well-known Domo platform packages, specifically @domoinc/query and @domoinc/toolkit.
Audit Metadata