Skills
skills/openwebf/webf/webf-native-plugins/Gen Agent Trust Hub

webf-native-plugins

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [External Downloads] (LOW): The documentation instructs users to download and install external packages including the npm package @openwebf/webf-share and the Flutter package webf_share. The @openwebf organization is not included in the predefined list of trusted sources. However, as this is purely documentation for a known framework (WebF), the risk is considered low.
  • [Indirect Prompt Injection] (LOW): The document defines the WebFShare.shareText API, which accepts arbitrary string input for titles and content. This creates a surface for indirect prompt injection if an agent uses this tool to process or share data from untrusted sources.
  • Ingestion points: ShareTextOptions properties including text, title, and url in reference.md.
  • Boundary markers: No boundary markers or 'ignore' instructions are suggested in the documentation for handling untrusted content.
  • Capability inventory: The skill provides access to native sharing sheets and the ability to save data to the local filesystem via saveScreenshot.
  • Sanitization: No sanitization or validation methods are described for the input parameters.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 20, 2026, 02:43 AM