peach-gen-ui-proto

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the processing of specification documents (_spec.md) used to drive the code generation process.
      • Ingestion points: External specification files provided as command arguments are read into the agent's context.
      • Boundary markers: No specific delimiters or instructions to ignore embedded directives within the specification files are present.
      • Capability inventory: The skill possesses the capability to write code to the local filesystem and execute shell commands for project validation.
      • Sanitization: The skill does not implement sanitization or validation logic for the content of the specifications before use.
  • [COMMAND_EXECUTION]: Executes standard development and build commands including bunx vue-tsc for type checking, bun run lint:fix for code formatting, and bun run build for project verification.
  • [EXTERNAL_DOWNLOADS]: Downloads and installs widely-used third-party libraries such as v-calendar, vuedraggable, and axios from standard package registries to support UI functionality.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 02:26 PM