frappe-web-forms
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to bypass safety filters or override agent behavior were found.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or unauthorized data access patterns detected.
- [Obfuscation] (SAFE): Content is clearly written with no encoded or hidden characters.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external downloads or execution of remote scripts.
- [Indirect Prompt Injection] (LOW): The skill creates a surface for untrusted data via web forms. 1. Ingestion points: User form submissions (SKILL.md). 2. Boundary markers: None explicitly for LLM but framework-level validation is advised. 3. Capability inventory: Server-side Python hooks (validate, get_context). 4. Sanitization: Explicit guardrails for HTML escaping and validation are provided.
- [Dynamic Execution] (SAFE): Code snippets are standard Frappe hooks and do not involve unsafe runtime code generation.
Audit Metadata