scan-frontend-patterns
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses instructional markers such as "IMPORTANT" and "MUST FOLLOW" to manage internal task orchestration. These are benign and serve to maintain the agent's logic flow rather than to bypass safety protocols.
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because its core function is scanning project data.
  - Ingestion points: The agent reads untrusted project source code (JS, TS, HTML) and configuration files such as package.json and angular.json during the scan phase.
  - Boundary markers: No explicit instructions or delimiters are defined to prevent the agent from obeying instructions embedded within the source code being analyzed.
  - Capability inventory: The skill has file read and write capabilities, specifically writing reports and documentation to the plans/reports/ and docs/ directories.
  - Sanitization: No validation or sanitization mechanisms are described for the code snippets extracted from the project files before they are processed by the sub-agents.
Audit Metadata