AI SDK UI
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides legitimate patterns and code templates for the Vercel AI SDK, which is a well-known industry standard for AI interface development.
- [SAFE]: Integration examples for Supabase and various AI providers (OpenAI, Anthropic, Google) use standard environment variable references for configuration rather than hardcoded secrets.
- [SAFE]: The generative UI patterns (streamUI) use a controlled approach where specific React components are returned from server actions rather than executing arbitrary strings as code.
- [PROMPT_INJECTION]: The application architecture described creates a surface for indirect prompt injection by processing external data and AI outputs.
- Ingestion points: Untrusted user data enters the system through the useChat hook's input field in SKILL.md and file attachments in the VisionChat and ChatWithFileUpload components in references/advanced-patterns.md.
- Boundary markers: The provided code examples do not demonstrate the use of specific boundary markers or system prompt instructions designed to isolate and ignore malicious commands embedded within user-provided data.
- Capability inventory: The skill defines capabilities for making network requests to AI model providers and external API tools (e.g., weather and product searches) based on AI decisions.
- Sanitization: The skill mitigates these risks by including a dedicated 'Security' section in the best practices, which explicitly advises developers to validate user input and sanitize AI-generated content before rendering.
Audit Metadata