thesys-generative-ui

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (MEDIUM): The skill requires the installation of multiple third-party npm and pip packages (@thesysai/genui-sdk, @crayonai/react-ui, etc.) from organizations not recognized in the trusted list.
  • Dynamic Execution (MEDIUM): The skill translates LLM output into streaming React components at runtime. While this is the intended behavior, it creates a mechanism where potentially untrusted LLM content controls application-level interactive elements.
  • Indirect Prompt Injection (LOW): The skill ingests data from an LLM to generate UI components.
      1. Ingestion points: LLM response stream (Vite/Next.js/Cloudflare templates).
      2. Boundary markers: Absent in the provided documentation.
      3. Capability inventory: Renders dynamic forms, charts, and tables with tool calling support.
      4. Sanitization: No specific evidence of sanitization of the generated UI structures is provided.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:07 PM