inference-agent-ui

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE (flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of UI component definitions from the vendor's domain (ui.inference.sh) using the shadcn CLI. This is a common practice for component-based UI development and is consistent with the skill's stated purpose.
  • [COMMAND_EXECUTION]: Uses the shadcn CLI and npm/npx for dependency management and component installation. These operations are performed within the standard development lifecycle of a React application and do not involve suspicious flags or elevated privileges.
  • [REMOTE_CODE_EXECUTION]: While code is fetched from a remote URL via the registry, this is the intended mechanism for shadcn/ui components. The source domain belongs to the service being integrated.
  • [SAFE]: No malicious patterns such as prompt injection, data exfiltration, or persistence mechanisms were detected. Analysis of indirect prompt injection surfaces shows that while the backend API route ingests untrusted user messages (references/starter-snippets.md), the skill's capabilities are limited to UI rendering with no dangerous subprocess or file operations exposed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 10:23 PM