widgets-ui

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
[EXTERNAL_DOWNLOADS] [PROMPT_INJECTION]
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches UI registry configuration from the vendor domain ui.inference.sh using the shadcn CLI tool.
  • [EXTERNAL_DOWNLOADS]: References additional interactive skills from the vendor's repository at inference-sh/skills.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by rendering interactive UI elements (forms, inputs, buttons) directly from agent-generated JSON. If the agent's output is compromised, it could be coerced into rendering deceptive interfaces to capture user data.
      1. Ingestion points: Widget object prop in WidgetRenderer.
      2. Boundary markers: Absent.
      3. Capability inventory: Action handling and form data collection via onAction.
      4. Sanitization: No explicit sanitization of JSON structure or input values is demonstrated in the examples.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 12, 2026, 08:51 PM