ui-validator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): Indirect prompt injection surface. The skill ingests untrusted code from components and style files which are rendered and executed in a browser environment. Evidence:
      1. Ingestion points: components//*.vue, pages//.vue, assets/styles/**/.scss.
      2. Boundary markers: Absent.
      3. Capabilities: evaluate_script, browser_navigate, and pnpm dev command execution.
      4. Sanitization: Absent.
    Malicious content in source files could target the browser-agent feedback loop to influence the agent's logic.
  • [COMMAND_EXECUTION] (MEDIUM): Shell command execution is utilized to manage the local dev environment via lsof, Test-NetConnection, and pnpm dev. This allows the skill to execute code within the context of the local system.
  • [REMOTE_CODE_EXECUTION] (MEDIUM): Invocation of pnpm dev triggers the execution of local project scripts and potential dependency fetching, which can lead to the execution of untrusted code if the project configuration is compromised.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 06:37 AM