canvas-component-definition
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [Data Exposure & Exfiltration] (MEDIUM): The skill instructions tell the agent to resolve the components root via the .env file. Reading .env is a high-risk activity as it often contains credentials; however, severity is reduced to MEDIUM because the access is intended for project path configuration.
- [Indirect Prompt Injection] (LOW): The skill involves processing and refactoring existing codebase files like index.jsx and component.yml. This ingestion of external data constitutes a surface for indirect prompt injection. 1. Ingestion points: index.jsx, component.yml. 2. Boundary markers: Absent. 3. Capability inventory: Code creation and modification. 4. Sanitization: Absent.
Audit Metadata