angular-modernization
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH | PROMPT_INJECTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
- Prompt Injection (HIGH): The skill is susceptible to indirect prompt injection because it reads untrusted source code and possesses write and execute capabilities. Evidence:
  1. Ingestion points: Reads source code using Read and Glob tools.
  2. Boundary markers: Instructions lack delimiters or markers to isolate code content from agent instructions.
  3. Capability inventory: Uses the Write tool for file modification and the Bash tool for command execution.
  4. Sanitization: No validation of code content is performed before processing.
- Command Execution (LOW): The skill utilizes the Bash tool restricted to 'npx ng generate:*' commands. This is a legitimate tool for Angular modernization but remains a sensitive capability.
- External Downloads (INFO): The use of 'npx' involves downloading packages from the npm registry. The skill specifically references the trusted @angular/core package for its schematics.
Recommendations
- AI detected serious security threats
Audit Metadata