inspira-ui
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill directs the agent to fetch content from an external URL (https://inspira-ui.com/docs/llms-full.txt) for implementation details.
  - Ingestion points: The agent is instructed in `SKILL.md` to fetch documentation from an external domain to retrieve props tables and code examples.
  - Boundary markers: Absent; there are no instructions to ignore malicious directives within the fetched content.
  - Capability inventory: The skill allows `bash`, `read`, `glob`, and `grep` tools, which could be misused if the fetched documentation contains malicious instructions that the agent follows.
  - Sanitization: Absent; the agent is not instructed to validate or sanitize the external code before implementation.
- Dynamic Execution (LOW): The script `scripts/setup-inspira.sh` dynamically generates a TypeScript utility file (`utils.ts`) using a heredoc (`cat > ... << 'EOF'`). While this is a standard setup pattern for this type of library, it involves writing executable code to the filesystem at runtime.
- External Downloads (SAFE): The skill installs standard, well-known UI and animation packages (e.g., `three`, `gsap`, `motion-v`) via established package managers (`bun`, `pnpm`, `npm`). These are recognized dependencies for the stated purpose of the skill.