page-best-practice
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted user input from the 'description' and 'features' fields to make architectural decisions and generate code content. \n
- Ingestion points:
descriptionandfeaturesfields inreferences/schema.ts. \n - Boundary markers: Absent. The inputs are used directly by heuristic logic in
references/judgeHasStore.tsandreferences/judgeUIComplexity.ts. \n - Capability inventory: Generates React components and configuration logic. While not executing code itself, the output is intended for execution in a development environment. \n
- Sanitization: No sanitization is performed on the description beyond basic keyword matching. \n- External Downloads (LOW): The skill relies on an unverifiable package
@code-arena/uifor its UI components. \n - Evidence: Multiple imports in example files (e.g.,
best-practice-examples/standard-with-store/StandardWithStorePageContent.tsx). \n - Context: The package appears to be an internal library for the 'Code Arena' project. While the source is unknown, it aligns with the skill's stated purpose. \n- Malicious URL Alert (INFO): An automated scan reported
features.usas a blacklisted URL. \n - Analysis: A thorough manual review of all 14 files failed to locate the string 'features.us'. This may be a false positive on the 'features' object property or refer to external metadata/files not included in the provided snippets.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata