prompt-api

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run a local inventory script, scripts/find-frontend-targets.mjs, which performs recursive directory traversal and file reading to identify relevant frontend entry points and Prompt API markers within the workspace.
  • [EXTERNAL_DOWNLOADS]: The documentation references and provides installation commands for specific npm packages (prompt-api-polyfill, built-in-ai-task-apis-polyfills) intended for progressive enhancement of browser-based AI capabilities.
  • [PROMPT_INJECTION]: The skill ingests untrusted local data from the workspace when the inventory script reads source files. This creates a potential surface for indirect prompt injection where malicious instructions embedded in the analyzed code could influence agent behavior.
  • Ingestion points: scripts/find-frontend-targets.mjs (reads files in current directory).
  • Boundary markers: None.
  • Capability inventory: File writing (via Step 3 adaptation), npm install, and workspace build/test execution (Step 5).
  • Sanitization: None.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 12:46 AM
Security Audit — agent-trust-hub — prompt-api