admin-dashboard
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill architecture involves processing and displaying external data (user metrics, access requests, and activity logs) within an administrative dashboard. This creates a surface for indirect prompt injection where malicious content embedded in the ingested data could potentially influence the agent's behavior during analysis or development tasks.
- Ingestion points: The dashboard fetches data from multiple internal API endpoints such as
/api/admin/statsand/api/admin/access-requestsas defined insrc/app/admin/page.tsx. - Boundary markers: The provided code snippets do not include explicit instructions or delimiters (such as XML tags or "ignore instructions" warnings) to separate external data from the agent's primary instructions.
- Capability inventory: The skill allows high-privilege tools including
Bash(npm:*, npx:*),Write, andEdit, which could be exploited if the agent is misled by injected content. - Sanitization: While the skill demonstrates robust access control (
requireAdmin) and audit logging (logAdminAction), it does not explicitly detail the sanitization or escaping of external content before it is interpolated into the UI or processed by the agent.
Audit Metadata