tv-navigator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill is primarily instructional documentation and a standard UI component. No evidence of prompt injection, persistence mechanisms, or unauthorized command execution was found.
- [Indirect Prompt Injection] (SAFE): The FocusableGrid component ingests untrusted data (items) to render UI elements; however, the skill lacks any sensitive capabilities (such as shell access, file system writes, or network exfiltration) that could be exploited. Boundary markers are absent, but React's default rendering provides basic XSS protection.
- [Data Exposure] (SAFE): No hardcoded credentials or access to sensitive file paths (e.g., .ssh, .aws) were detected. The use of dynamic image sources is standard for the described TV UI use case.
Audit Metadata