aria-helper
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill presents a surface for indirect prompt injection by ingesting external data and possessing file-writing capabilities. Ingestion points: React component files accessed via Read, Grep, and Glob tools. Boundary markers: No delimiters or ignore-instruction warnings are specified in the skill definition. Capability inventory: The skill is authorized to use Read, Write, Edit, Grep, and Glob tools for file manipulation. Sanitization: No input sanitization or validation of the processed code content is described in the skill.
Audit Metadata