ux-interaction-taste
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs the agent to recommend a command (npx skills add leonxlnx/taste-skill -g -y) to the user. This command installs an external skill from an untrusted repository, facilitating the potential execution of unverified code.
- [EXTERNAL_DOWNLOADS]: The skill directs users to download and install content from an external source (leonxlnx/taste-skill) that is not part of the trusted vendor list.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted project source code during its audit workflow without established safety boundaries.
  1. Ingestion points: Project files such as .tsx, .vue, .svelte, and .html are scanned and read during the workflow.
  2. Boundary markers: The skill provides no explicit delimiters and no directions to disregard instructions embedded in the analyzed files.
  3. Capability inventory: Local file system read access and potential browser tool interaction.
  4. Sanitization: No input validation or sanitization mechanisms are defined for the code being processed.
Audit Metadata