building-chat-interfaces

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (HIGH): High-risk indirect prompt injection surface identified in SKILL.md and references/chatkit-integration-patterns.md. The skill implements features that scrape untrusted content from web pages (headings, meta descriptions) and user-selected text, which are then directly interpolated into the agent's system prompt using f-strings without sanitization, escaping, or boundary markers. This allows external data to override agent instructions.
  • [CREDENTIALS_UNSAFE] (HIGH): The skill explicitly instructs the AI agent in SKILL.md to include long-lived user credentials (access_token) in tool call arguments. This pattern creates a high risk of credential exfiltration if tools are malicious or if the agent is subverted by the aforementioned prompt injection surface.
  • [EXTERNAL_DOWNLOADS] (LOW): Frontend integration in SKILL.md and references/nextjs-httponly-proxy.md relies on remote script loading from https://cdn.platform.openai.com. Although the source is within the trusted scope for OpenAI, runtime execution of remote code remains a security consideration.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 05:36 AM