widget-generator

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE · PROMPT_INJECTION · COMMAND_EXECUTION
Full Analysis
  • [Prompt Injection] (LOW): The skill is vulnerable to indirect prompt injection via user-supplied data interpolation.
      • Ingestion points: User parameters (Widget ID, Name, Title, Content) gathered in SKILL.md.
      • Boundary markers: None are used to separate user data from code logic in the templates.
      • Capability inventory: The skill generates new .ts and .tsx files containing logic (shouldInject) and UI components, and modifies existing registry files (src/lib/plugins/widgets/index.ts).
      • Sanitization: No sanitization or escaping of user input is performed before file generation.
  • [Command Execution] (LOW): The skill instructs the user to execute the generated code through standard development tools ('npm run dev' and 'npx tsc'), which effectively executes unvetted logic generated from user input.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 20, 2026, 01:56 PM