use-x-chat
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documentation and examples utilize official vendor packages (@antdv-next/x-sdk and @antdv-next/x). References to these dependencies are documented neutrally as they are required for the skill's stated purpose.- [COMMAND_EXECUTION]: The documentation mentions system requirements and provides standard installation commands for the vendor's SDK (e.g., npm install @antdv-next/x-sdk@latest). These are routine development tasks and do not represent a security risk.- [PROMPT_INJECTION]: The skill is designed to process user-supplied input in a chat interface, which naturally creates an indirect prompt injection surface. However, no malicious patterns were found, and the logic follows standard implementation practices for chat hooks.
- Ingestion points: User queries are captured via the Sender component and processed by onRequest in SKILL.md and EXAMPLES.md.
- Boundary markers: Data is structured using the MessageInfo interface provided by the SDK.
- Capability inventory: The skill performs network requests to AI backends through a defined Chat Provider.
- Sanitization: Input handling is managed by the underlying SDK and UI components.
Audit Metadata