edgeone-makers-agents
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and code templates for building agents on the EdgeOne Makers platform. It establishes clear security boundaries and platform conventions for developers.
- [EXTERNAL_DOWNLOADS]: The instructions recommend installing the
edgeoneCLI via NPM and various official framework SDKs (such as@anthropic-ai/claude-agent-sdk,langgraph, andcrewai) from standard package registries. These are well-known services and vendor-related tools necessary for the stated purpose of the skill. - [COMMAND_EXECUTION]: The documentation describes the use of platform-provided tools like
context.sandbox.commands.runandcontext.sandbox.runCode. These are intended capabilities for executing code within a managed and restricted sandbox environment provided by the EdgeOne Makers platform. - [INDIRECT_PROMPT_INJECTION]: The skill details how to process user-supplied data from
context.request.body. - Ingestion points: Untrusted data enters the agent context via
context.request.bodyin the main handler functions. - Boundary markers: The documentation recommends using explicit system prompts and includes constraints to prevent the AI from fabricating files or hallucinating state.
- Capability inventory: The agents built following these guides have access to sandbox command execution, file system access, and network operations (via
web_search). - Sanitization: Code snippets include basic validation of input presence and error handling for tool failures.
Audit Metadata