ui-convert-extractor-wpf
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides instructions and examples for parsing WPF XAML and mapping them to a custom IR format. It does not contain any executable scripts, remote downloads, or credential exposures.
- [PROMPT_INJECTION]: The skill involves processing untrusted external data (.xaml files), which represents an indirect prompt injection surface. However, this is inherent to the skill's purpose as an extractor and no specific malicious injection patterns were found.
- Ingestion points: User-provided .xaml files.
- Boundary markers: None explicitly defined in the instructions.
- Capability inventory: The instructions describe data mapping and layout calculation; no destructive capabilities or network operations are included in the skill body.
- Sanitization: No explicit validation or sanitization steps are documented for the input XAML content.
Audit Metadata