edgeone-makers-agents

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides documentation and code templates for building agents on the EdgeOne Makers platform. It establishes clear security boundaries and platform conventions for developers.
  • [EXTERNAL_DOWNLOADS]: The instructions recommend installing the edgeone CLI via NPM and various official framework SDKs (such as @anthropic-ai/claude-agent-sdk, langgraph, and crewai) from standard package registries. These are well-known services and vendor-related tools necessary for the stated purpose of the skill.
  • [COMMAND_EXECUTION]: The documentation describes the use of platform-provided tools like context.sandbox.commands.run and context.sandbox.runCode. These are intended capabilities for executing code within a managed and restricted sandbox environment provided by the EdgeOne Makers platform.
  • [INDIRECT_PROMPT_INJECTION]: The skill details how to process user-supplied data from context.request.body.
  • Ingestion points: Untrusted data enters the agent context via context.request.body in the main handler functions.
  • Boundary markers: The documentation recommends using explicit system prompts and includes constraints to prevent the AI from fabricating files or hallucinating state.
  • Capability inventory: The agents built following these guides have access to sandbox command execution, file system access, and network operations (via web_search).
  • Sanitization: Code snippets include basic validation of input presence and error handling for tool failures.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 08:15 AM
Security Audit — agent-trust-hub — edgeone-makers-agents