AI SDK v6 Core

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill templates ingest untrusted data into LLM prompts, creating a surface for indirect prompt injection.
      • Ingestion points: The messages array in templates/agent-with-tools.ts and templates/stream-text-chat.ts, and the prompt string in templates/generate-text-basic.ts.
      • Boundary markers: Absent; user input is passed directly to model components.
      • Capability inventory: The agent in templates/agent-with-tools.ts has tool-calling capabilities (getWeather, convertTemp, getAirQuality).
      • Sanitization: Absent in the templates; execution relies on the model's internal safety filters.
  • Data Exposure & Exfiltration (SAFE): No hardcoded secrets, sensitive file paths, or unauthorized data exfiltration patterns were found. Documentation explicitly advises on API key validation.
  • External Downloads (SAFE): All detected dependencies are standard, trusted packages from Vercel, Anthropic, and OpenAI.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:24 PM