x-chat-provider
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and encourages the installation of @ant-design/x-sdk and @ant-design/x. These are official packages from the author (ant-design) and are used for their intended purpose.
- [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface by processing untrusted data from external LLM APIs. * Ingestion points: The transformMessage method in SKILL.md and EXAMPLES.md processes incoming stream chunks from external APIs. * Boundary markers: There are no explicit markers or instructions provided to differentiate between system, user, and assistant content within the stream. * Capability inventory: The skill is designed to accumulate and transform messages for UI rendering, which may be vulnerable to malicious instructions in the LLM output. * Sanitization: No sanitization or content validation is performed on the data received from the external API within the provided templates.
Audit Metadata