transparent-ui
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [Remote Code Execution] (HIGH): The skill directs the agent to perform instrumentation by directly modifying core application files (e.g., src/lib/[system].ts), including adding event emitters and logic wrappers. An agent's ability to make line-specific modifications to application code is a high-risk capability that could be exploited to inject persistent backdoors or alter application behavior.
- [External Downloads] (LOW): The workflow encourages the installation of third-party visualization libraries such as react-flow and framer-motion. While these are trusted packages, the skill lacks version pinning requirements, potentially leading to the installation of compromised or incompatible versions.
- [Indirect Prompt Injection] (HIGH): This skill exhibits a significant Category 8 attack surface. It ingests untrusted system state data (ingestion points: system state, event flows) and uses that data to drive code generation and visualizations, with no boundary markers or sanitization. Because the agent has file-write and instrumentation capabilities, an attacker who can manipulate the system state could influence the agent's code generation and cause it to perform unauthorized actions.
Recommendations
- AI detected serious security threats
Audit Metadata