cms-engine

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest untrusted data through Article, Category, and Media models as defined in SKILL.md. While it lacks explicit boundary markers (e.g., delimiters) to separate instructions from data, it does recommend HTML sanitization. The agent's capabilities include generating metadata and slugs from this external content, which could be manipulated by embedded instructions.
  • [Unverifiable Dependencies] (LOW): The text references a component named 'Gravito's OrbitAtlas'. This component does not appear in major public registries like npm or PyPI. Referencing unverifiable internal or obscure tools can lead to dependency confusion or the use of untrusted sources if the user attempts to find the package manually.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 01:08 PM