Skills
skills/blencorp/skills/usmds/Gen Agent Trust Hub

usmds

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches a component registry from a remote URL to identify available components.
  • Evidence: Programmatically retrieves JSON data from https://storage.googleapis.com/usmds-registry/r/usa/registry.json in references/components.md.
  • [COMMAND_EXECUTION]: Documentation suggests executing a vendor-provided initialization tool.
  • Evidence: Recommends running npx @blen/usmds init for automated project setup in SKILL.md and references/setup.md.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from a remote registry which informs agent output.
  • Ingestion points: Reads external JSON registry from https://storage.googleapis.com/usmds-registry/r/usa/registry.json in references/components.md.
  • Boundary markers: None identified; the registry data is integrated into the agent's knowledge of available components.
  • Capability inventory: The skill uses registry items to generate React Native code and documentation.
  • Sanitization: No validation or sanitization of the remote JSON content is documented.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 10:31 AM