reactive-programming
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill demonstrates patterns for ingesting external data through WebSocket messages and user search inputs. While the examples only involve low-risk capabilities like UI updates and local state management, these entry points represent a potential surface for indirect injection if the agent uses this logic to influence higher-privilege actions.
  - Ingestion points: searchInput (DOM event), event.data (WebSocket).
  - Boundary markers: None present in code examples.
  - Capability inventory: console.log, displayResults (UI), StateManager (local state).
  - Sanitization: No explicit sanitization or validation of the ingested strings is shown.
- [Data Exposure & Exfiltration] (SAFE): No access to sensitive file paths (~/.ssh, etc.) or hardcoded credentials. All network operations use relative API paths or generic placeholders.
- [External Downloads] (SAFE): The skill references the standard and highly trusted 'rxjs' library. No untrusted third-party dependencies or remote script execution (curl|bash) were detected.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata