tiptap

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install components using npx shadcn@latest add from a remote URL (https://raw.githubusercontent.com/Aslam97/shadcn-minimal-tiptap/main/registry/block-registry.json). This source is not from a trusted organization or well-known service provider listed in the safety guidelines.
  • [COMMAND_EXECUTION]: A setup script (templates/minimal-tiptap-setup.sh) is provided that executes installation commands and remote component additions, which could pose a risk if the remote source is compromised.
  • [PROMPT_INJECTION]: The editor component (templates/base-editor.tsx) is designed to process untrusted rich text content without explicit sanitization or boundary markers. Evidence chain: 1. Ingestion points: 'content' prop in templates/base-editor.tsx; 2. Boundary markers: Absent; 3. Capability inventory: Network operations via fetch() in templates/image-upload-r2.tsx; 4. Sanitization: Absent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 03:50 AM