tech-logos
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes shell commands using npx shadcn@latest add to install UI components.- [EXTERNAL_DOWNLOADS]: Downloads code components from the @elements registry via the shadcn installation pattern.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by interpolating user-provided brand names into shell commands and URLs without explicit sanitization or boundary markers. * Ingestion points: Brand names provided by the user are used as placeholders in SKILL.md. * Boundary markers: None present to delimit user-provided content. * Capability inventory: Command execution via npx and URL generation (SKILL.md). * Sanitization: No explicit validation or escaping of user input is defined.
Audit Metadata