make-content-editable
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it is designed to ingest and process untrusted user data from the local file system to drive code generation and modification tasks.\n
- Ingestion points: The skill reads markdown files (
content/**/*.md,.mdoc,.markdown) and Vue component files as described in Step 0 and Step 1 ofSKILL.md.\n - Boundary markers: There are no explicit instructions or delimiters provided to the agent to treat content within these files as data rather than instructions, nor are there warnings to ignore embedded agent-steering text.\n
- Capability inventory: The agent has the ability to read files, write/modify local project files, and execute specific MCP tools (
mcp__nuxt-ui__get-componentandmcp__nuxt-ui__get-component-metadata).\n - Sanitization: The skill instructions do not specify any validation or sanitization of the input file content before using it to generate the final MDC and Vue component code.
Audit Metadata