cmdk-static-fulltext-search
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The API route in
api/route.tsusesforce-staticto bake raw content payloads into an edge-cached JSON file. This architectural choice exposes the full text of all processed files to the public, which may lead to the unintended disclosure of sensitive information if internal or draft content is accidentally included in the build process.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its ingestion of external data.\n - Ingestion points: Data is fetched from the
/api/searchendpoint incomponents/SearchPalette.tsx.\n - Boundary markers: The implementation lacks clear delimiters or instructions to prevent the agent or UI from misinterpreting embedded data as commands.\n
- Capability inventory: The component in
components/SearchPalette.tsxusesrouter.pushto navigate based on thehreffield of the search results.\n - Sanitization: There is no validation or sanitization of the
hrefURL before navigation incomponents/SearchPalette.tsx, creating a risk of open redirects if the content source is compromised.
Audit Metadata