pi-tui-design
Fail
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: CRITICAL | SAFE | PROMPT_INJECTION
Full Analysis
- [SAFE]: The malicious URL alert for 'this.ca' is a false positive. The scanner misidentified string segments from internal code property names, such as 'this.cachedLines' and 'this.cachedWidth' in the TypeScript examples, as a blacklisted domain.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing and displaying untrusted data in TUI components.
  - Ingestion points: Data entering the agent context via ServiceStatus arrays in StatusDashboard, Row arrays in DataTable, and tool update/result objects in the Tool Renderer example.
  - Boundary markers: Absent; the implementation does not include specific delimiters or instructions for the agent to ignore instructions embedded in the displayed text.
  - Capability inventory: The skill is restricted to UI rendering via ctx.ui and tui APIs; no dangerous capabilities such as file system access, network requests, or subprocess execution are present.
  - Sanitization: No sanitization or escaping of the input strings is performed before they are rendered into the terminal interface.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata