NYC

frontend-angular-component

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill requires the agent to read and follow instructions from various local documentation files (e.g., .claude/skills/shared/angular-design-system.md, docs/design-system/README.md). If these files are compromised or contain malicious instructions, they could influence the agent's behavior.
    • Ingestion points: The agent is instructed to use Read and Grep on several local markdown and TypeScript files.
    • Boundary markers: Absent. There are no instructions provided to the agent to distinguish between data and instructions when reading these files.
    • Capability inventory: The skill has access to Bash, Write, Edit, Grep, and Glob tools, which could be misused if the agent obeys instructions embedded in the documentation.
    • Sanitization: Absent. No validation or sanitization is performed on the content of the files read.
  • [Command Execution] (LOW): The skill enables the Bash tool. While necessary for project development tasks like searching (Grep) and file management, it provides a powerful interface that could be exploited if the agent is misled via prompt injection.
  • [Data Exposure & Exfiltration] (SAFE): No patterns for credential theft, hardcoded secrets, or exfiltration of sensitive system files (e.g., .ssh, .aws) were detected. Access is restricted to the local project directories.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:22 PM