electrobun-window-management

Warn

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: MEDIUM | PROMPT_INJECTION | SAFE
Full Analysis
  • [METADATA_POISONING]: The skill metadata identifies the author as "Blackboard", which contradicts the system-provided author identity of "gyorkluu". This discrepancy in authorship is misleading and could affect the trust assessment of the skill's origin.
  • [INDIRECT_PROMPT_INJECTION]: The skill documents an attack surface for indirect prompt injection due to its handling of external content and inter-process communication.
      • Ingestion points: The implementation of BrowserView.loadURL() allows the agent to load content from arbitrary external websites. Furthermore, the WindowHub implementation allows windows to invoke RPC methods on others using strings for method names and arguments.
      • Boundary markers: There are no boundary markers or specific instructions provided to the agent to treat external content as untrusted or to ignore instructions embedded within loaded pages or RPC messages.
      • Capability inventory: The skill enables the agent to create and manipulate windows, write to the local file system (via Bun.write), and execute RPC handlers.
      • Sanitization: The provided code examples lack sanitization or validation of the URLs being loaded or the arguments passed through the RPC hub.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The WindowStateManager uses Bun.write to store UI state (coordinates and dimensions) in a JSON file within the userData directory. This is a legitimate and standard practice for desktop applications to maintain user interface persistence across sessions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 2, 2026, 04:22 AM