form-generator
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to override agent behavior, bypass safety guidelines, or extract system prompts.
- [Data Exposure & Exfiltration] (SAFE): The skill does not access sensitive file paths (e.g., .ssh, .aws) or perform network operations to exfiltrate data.
- [Indirect Prompt Injection] (LOW): 1. Ingestion points: The skill analyzes user-provided React components using Read, Grep, and Glob. 2. Boundary markers: No specific delimiters are used to wrap ingested code. 3. Capability inventory: The skill can modify the local filesystem using Write and Edit. 4. Sanitization: None identified; however, the risk is mitigated by the lack of network or execution capabilities.
- [Unverifiable Dependencies] (SAFE): No external packages or remote scripts are downloaded or executed.
- [Dynamic Execution] (SAFE): No runtime code generation or unsafe deserialization patterns were detected.
Audit Metadata