nextjs-app
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Indirect Prompt Injection] (LOW): Vulnerability surface identified in how the skill processes user-provided descriptions for code generation.\n
- Ingestion points: User requests for specific component functionality interpolated into the expert persona.\n
- Boundary markers: Absent; relies on the underlying LLM safety training.\n
- Capability inventory: None; the skill is limited to text generation and does not have file-write or network-access capabilities.\n
- Sanitization: Absent.\n- [Data Exposure] (SAFE): Network requests in provided examples use 'api.example.com' for demonstration and do not attempt to access local sensitive files or real user credentials.
Audit Metadata