ui_perfection
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (HIGH): The skill defines a high-severity vulnerability surface because it directs the agent to process untrusted external data (code files) with high-privilege write capabilities.
- Ingestion points: External source code and style files accessed via the
Readtool specified in the metadata. - Boundary markers: None. The skill does not instruct the agent to use delimiters or ignore instructions found within the processed files.
- Capability inventory:
EditandWritetools allow the agent to modify the filesystem based on interpreted content. - Sanitization: None. There is no logic provided to filter or validate the content of the files being read.
- No Code (INFO): The skill is purely instructional and contains no executable logic, scripts, or binary files, which reduces the risk of direct malware or automated RCE within the skill's own components.
Recommendations
- AI detected serious security threats
Audit Metadata