ct-components
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- External Downloads (LOW): The documentation references external dependencies from the npm registry, specifically @conectate/components, chart.js, jsqr, and qrcode. While these are legitimate libraries, they do not belong to the pre-approved trusted source list.
- Data Exposure (LOW): The ct-helpers.md file documents a getGeoLocation() utility that accesses the browser's Geolocation API, which could be used to expose the user's physical location.
- Indirect Prompt Injection (LOW): Several components, including ct-confirm, ct-promp, and ct-dialog, are designed to ingest and render content as HTML or raw DOM elements. This creates a potential attack surface for indirect prompt injection if an agent populates these components with untrusted data from external sources.
- Ingestion points: showCtConfirm (body), showCtPrompt (body), showCtDialog (element), ct-input-autocomplete (source).
- Boundary markers: None detected in the documentation examples.
- Capability inventory: The components return results (e.g., user input or confirmation) to the calling agent, allowing them to influence downstream logic.
- Sanitization: No explicit sanitization or escaping mechanisms are described for the HTML-rendering properties.
Audit Metadata