accessibility
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is designed to analyze and modify existing codebases based on user intent and external requirements. This creates a vulnerability surface where malicious instructions embedded in the code or project descriptions could be executed by the agent.
- Ingestion points: Reads existing codebase, project documentation, and user-provided intents (as described in the 'Building a web project' and 'Maintenance' sections).
- Boundary markers: No explicit instructions to treat external data as untrusted or to use delimiters to isolate external content from operating instructions.
- Capability inventory: Modifications to HTML, CSS, and Javascript files; refactoring existing code; and generating interactive components.
- Sanitization: No procedures defined for sanitizing or validating external input before processing or interpolation into code.
Recommendations
- AI detected serious security threats
Audit Metadata