tailwindplus
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The shell scripts are robust, utilizing 'set -euo pipefail' for error handling and proper quoting of all variables. No arbitrary command execution or shell injection vulnerabilities were found.
- PROMPT_INJECTION (LOW): The skill exhibits an Indirect Prompt Injection surface because it ingests and outputs data from an external JSON file.
- Ingestion points: Data enters the agent context through the user-specified <json_file> processed in all scripts (e.g., scripts/get_component.sh).
- Boundary markers: Content is retrieved from the JSON and returned directly to the agent without delimiters or explicit instructions to ignore embedded commands.
- Capability inventory: The skill is capable of reading local files and printing their content; it does not have network access or write permissions in the provided scripts.
- Sanitization: No sanitization or validation of the component code or metadata is performed before it is presented to the agent, which is typical for this type of browser utility.
- SAFE (SAFE): No malicious patterns such as data exfiltration, obfuscation, persistence mechanisms, or unauthorized privilege escalation were detected.
Audit Metadata