ui-cloner
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because its core function involves analyzing and synthesizing data from external websites. * Ingestion points: Content from target URLs processed during Phase 1. * Boundary markers: Absent; no specific delimiters or instructions to ignore embedded commands within external data are provided. * Capability inventory: The skill performs file system operations, specifically creating and writing to markdown files within a plans directory. * Sanitization: Absent; the instructions do not describe mechanisms for filtering or sanitizing content ingested from external sources.
Audit Metadata