core-components
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW
Full Analysis
- Prompt Injection (SAFE): No instructions attempt to override agent behavior, bypass safety filters, or extract system prompts. The content is strictly limited to UI component patterns.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file path access, or network operations were detected.
- Obfuscation (SAFE): The content is clear and readable. No hidden characters, Base64 encoding, or homoglyphs are present.
- Unverifiable Dependencies & RCE (SAFE): The skill does not perform any package installations or remote script executions. The code examples use internal library references (e.g., 'components/core').
- Privilege Escalation & Persistence (SAFE): No commands related to administrative access or system persistence mechanisms are included.
- Indirect Prompt Injection (SAFE): While the skill defines patterns for handling user input (e.g., Input component), it does not possess any exploitable capabilities like file writing or network access that could be triggered by untrusted data.
- Dynamic Execution (SAFE): No use of eval, exec, or runtime compilation techniques.
Audit Metadata