Skills
skills/popup-studio-ai/bkit-claude-code/starter/Gen Agent Trust Hub

starter

Fail

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: CRITICALEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill mentions GitHub Pages and Vercel for project deployment. The URL 'https://username.github.io/repo-name' is an instructional placeholder for a well-known service and does not represent a malicious download or execution risk.\n- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection.\n
  • Ingestion points: The skill utilizes WebFetch and WebSearch to retrieve external content from the internet.\n
  • Boundary markers: No specific delimiters or safety instructions are defined to separate untrusted web content from agent prompts.\n
  • Capability inventory: The skill allows the agent to Write and Edit local files, which could be exploited by malicious instructions embedded in external web content.\n
  • Sanitization: There is no explicit sanitization or validation logic provided for data retrieved from external sources.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 8, 2026, 04:43 PM