frontend-service
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No override or bypass instructions detected in the skill definitions.
- [DATA_EXFILTRATION]: No unauthorized access to sensitive files or data exfiltration patterns identified. The use of localStorage for authentication tokens is standard for the described frontend architecture and is used to populate Authorization headers for API calls.
- [REMOTE_CODE_EXECUTION]: No evidence of external script downloads or execution from untrusted sources.
- [COMMAND_EXECUTION]: No shell command or subprocess execution patterns detected.
- [INDIRECT_PROMPT_INJECTION]: The skill establishes an attack surface for processing untrusted data via generated services. 1. Ingestion points: Model and DTO data in src/services/{modulo}.service.ts. 2. Boundary markers: None. 3. Capability inventory: CRUD network operations via Axios. 4. Sanitization: Not specified in templates, relying on the underlying api instance and backend validation.
Audit Metadata