Skills
skills/webmaxru/ai-native-dev/agent-package-manager/Gen Agent Trust Hub

agent-package-manager

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to operate the apm CLI, including subcommands like apm run, which executes project-defined scripts, and apm runtime setup, which manages local environments.
  • [EXTERNAL_DOWNLOADS]: The troubleshooting documentation provides instructions to download the APM toolchain from Microsoft's official short-link service (aka.ms).
  • [REMOTE_CODE_EXECUTION]: The installation guide includes patterns for piping remote scripts directly to shell interpreters (curl | sh and irm | iex) from Microsoft's infrastructure.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it is designed to fetch, process, and integrate external agent packages, skills, and prompts from remote repositories.
  • Ingestion points: External repository content (GitHub, GitLab, etc.) fetched via apm install and manifest files (apm.yml).
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified for the integrated content.
  • Capability inventory: The toolchain possesses file system write access, network capabilities for dependency resolution, and the ability to execute project scripts.
  • Sanitization: There is no evidence of sanitization or safety validation for natural language instructions retrieved from remote sources before they are compiled into the agent's active context.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 5, 2026, 07:09 AM