nebula-component-creation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill possesses a surface for indirect prompt injection as it reads and processes external data (code files) to perform its tasks.
- Ingestion points: Reads
index.jsxandcomponent.ymlfiles from theexamples/andsrc/directories to determine dependencies and structure. - Boundary markers: Absent. The instructions do not explicitly tell the agent to ignore any natural language instructions that might be embedded in code comments within the source files.
- Capability inventory: The skill is capable of listing directories (
ls), copying files/folders (cp -r), and modifying file content. - Sanitization: Absent. The agent is directed to analyze imports directly from the file content without specific escaping or safety filtering for the text being read.
Audit Metadata