b2c-page-designer
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill demonstrates code patterns that create an indirect prompt injection surface by disabling default output encoding for merchant-provided content.
- Ingestion points: Merchant-controlled 'markup' attributes and 'region' definitions in 'SKILL.md' and 'references/ATTRIBUTE-TYPES.md'.
- Boundary markers: Absent; the templates do not use specific delimiters or instructions to isolate or identify untrusted content.
- Capability inventory: Use of 'isprint' with 'encoding="off"' in ISML templates and the rendering of components via 'PageRenderHelper' across all example files.
- Sanitization: Explicitly disabled in the provided code examples to allow for rich text rendering, relying on the integrity of the merchant-tool inputs.
Audit Metadata