web-coder
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for Indirect Prompt Injection as it is specifically designed to ingest and process untrusted user data.
- Ingestion points: Untrusted data enters the agent's context through user-provided web requirements (Workflow 1) and code snippets for debugging (Workflow 2) as defined in SKILL.md.
- Boundary markers: There are no explicit instructions for the agent to use delimiters or ignore instructions embedded within the user-provided data.
- Capability inventory: The skill enables the agent to utilize standard web capabilities, including making network requests (fetch in references/web-apis-dom.md), managing server configurations (Nginx/Apache in references/servers-infrastructure.md), and using development tools (Git/npm in references/development-tools.md).
- Sanitization: The skill does not provide specific instructions for the agent to sanitize or validate user-provided input before processing it to generate code or architectural solutions.
Audit Metadata