using-kuzenbo-in-apps

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The library provides components that ingest structured data from props which are then rendered using methods that could be exploited if the data is attacker-controlled.
      • Ingestion points: Data passed to the config prop of ChartContainer in src/components/chart/chart.tsx and the data prop of QRCode in src/components/qr-code/qr-code.tsx.
      • Boundary markers: Absent; there are no delimiters or instructions to the agent to ignore embedded commands in the processed data.
      • Capability inventory: The library uses dangerouslySetInnerHTML in chart-style.tsx and qr-code.tsx to render dynamically generated content.
      • Sanitization: src/components/qr-code/qr-code.tsx implements basic sanitization via regex for OKLCH color values, but ChartStyle performs no explicit sanitization on the keys used for CSS variable generation.
  • Dynamic Execution (LOW): Executable UI content is assembled and injected into the DOM at runtime.
      • Evidence: src/components/chart/chart-style.tsx uses dangerouslySetInnerHTML to inject dynamically generated CSS variables into a <style> block.
      • Evidence: src/components/qr-code/qr-code.tsx uses dangerouslySetInnerHTML to render the SVG string generated by the qrcode package.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:51 PM