jazz-ui-development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- Data Exposure & Exfiltration (LOW): The skill configures network connections to
wss://cloud.jazz.tools. While this is the primary intended function for synchronization, it constitutes a network operation to a non-whitelisted domain. All sensitive placeholders like${apiKey}are correctly identified as user-provided variables, and no actual credentials are exposed. - Indirect Prompt Injection (LOW): The skill establishes an attack surface for indirect prompt injection by facilitating the ingestion of data from remote peers and user inputs (via
useCoState,useAccount, andCoValueSchema.subscribe). - Ingestion points: Data entering via
useCoStateanduseAccountinreferences/react.md,references/svelte.md, andreferences/vanilla.md. - Boundary markers: Absent; the documentation focuses on rendering and state management without explicit instructions for sanitizing or delimiting untrusted data content.
- Capability inventory: The described tools primarily perform UI rendering and state management; however, they enable complex data fetching and property updates.
- Sanitization: Not explicitly detailed in the instructional content.
- External Downloads (SAFE): The documentation references external packages (e.g.,
react-native-passkey,svelte-clerk) and documentation URLs onjazz.tools. These are standard for the described framework and do not involve automated script execution or untrusted downloads within the skill's own operational context.
Audit Metadata