mobile
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes external CSS and UI component files which could contain malicious instructions designed to influence the agent's behavior.
- Ingestion points:
**/*.cssandapp/components/ui/**viafile_triggers. - Boundary markers: Absent; no explicit delimiters or warnings for the agent to ignore embedded instructions in CSS.
- Capability inventory: The skill executes a local shell script
./scripts/log-skill.sh. - Sanitization: Absent; the skill does not specify any sanitization of the file content before processing.
- [Command Execution] (LOW): The skill executes a local bash script (
./scripts/log-skill.sh) for instrumentation purposes. While intended for logging, any script execution increases the attack surface if the script contents are not properly audited.
Audit Metadata