create-interface

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes HTML and JavaScript provided as tool input, creating a surface for indirect prompt injection where malicious instructions could be embedded in the rendered content.
    • Ingestion points: The html parameter in the mcp__noetect-ui__render_ui tool call defined in SKILL.md.
    • Boundary markers: None identified. The content is processed without explicit delimiters to isolate it from the agent's control instructions.
    • Capability inventory: The skill supports interactive elements including JavaScript execution and form handling within a sandboxed context.
    • Sanitization: The skill relies on client-side iframe sandboxing (allow-scripts, allow-forms) for isolation but does not perform sanitization or validation of the input HTML string itself.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 03:29 PM