write-script-deno

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the wmill CLI to perform various development tasks. This includes wmill script preview to execute local script code, wmill generate-metadata to update local lockfiles and resolved dependencies, and wmill sync push to deploy code to the Windmill workspace.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of external dependencies via Deno's native import system (e.g., from https://deno.land/) and the npm: prefix. The wmill generate-metadata command is specifically designed to resolve and fetch these remote packages.
  • [PROMPT_INJECTION]: The skill describes the implementation of "Preprocessor Scripts", which are designed to ingest untrusted data from various external triggers such as webhooks, HTTP requests, SQS, and emails. This creates a potential surface for indirect prompt injection, where malicious instructions embedded in the trigger payload could influence the agent's behavior if not properly sanitized.
      • Ingestion points: Preprocessor event parameter (body, headers, query) in SKILL.md.
      • Boundary markers: None mentioned.
      • Capability inventory: Subprocess execution via wmill CLI, file writing via generate-metadata, and network operations via windmill-client or fetch.
      • Sanitization: None mentioned.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 22, 2026, 08:36 AM
Security Audit — agent-trust-hub — write-script-deno