Skills
skills/inferencesh/skills/chat-ui/Gen Agent Trust Hub

chat-ui

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill references an external registry at 'https://ui.inference.sh/r/chat.json' and other components at 'inferencesh/skills'. These sources are not on the Trusted External Source list.
  • [REMOTE_CODE_EXECUTION] (MEDIUM): Commands like 'npx shadcn@latest add' with remote URLs fetch and process external configuration files which can modify local source code and install dependencies.
  • [PROMPT_INJECTION] (LOW): The skill acts as an indirect prompt injection surface (Category 8). 1. Ingestion points: ChatMessage component content and ChatInput components. 2. Boundary markers: None provided in code snippets. 3. Capability inventory: Remote installation via npx and shell-based skill management. 4. Sanitization: None visible in the provided UI component examples.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:12 PM