refactor-table-alignment
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): Indirect Prompt Injection vulnerability surface (Category 8). The skill's primary function is to ingest and transform external source code and data, which provides an entry point for malicious instructions.
  - Ingestion points: The skill explicitly processes user-provided source code (React, Vue, Angular, HTML), column configurations, and sample datasets.
  - Boundary markers: There are no defined delimiters or instructions for the agent to isolate untrusted input data from its internal reasoning and rules.
  - Capability inventory: The skill produces executable UI code ('Minimal Runnable Refactor') and suggests file modifications, which is a high-impact capability if the agent is influenced by malicious input.
  - Sanitization: No sanitization, validation, or instruction to ignore embedded directives within the input code or data is present.
Recommendations
- AI detected serious security threats