front-plugin

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill provides patterns for processing external message and comment content, which is untrusted data.
      • Ingestion points: Data enters through context.listMessages and context.listComments in rules/context-types.md and rules/sdk-methods.md.
      • Boundary markers: No boundary markers or 'ignore' instructions are present in the provided templates.
      • Capability inventory: The skill allows for high-impact actions including createDraft, updateDraft, tag, assign, and network operations via sendHttp and relayHttp.
      • Sanitization: No sanitization or validation logic is implemented in the provided UI patterns.
  • [DATA_EXFILTRATION]: Potential PII Exposure via Debug Pattern. The rules/ui-patterns.md file suggests a 'Debug Mode' implementation that renders the entire context object to the screen if a URL parameter (debug=true) is present. This object contains sensitive teammate information including names and email addresses.
  • [DATA_EXFILTRATION]: Network Capabilities. The documentation describes context.sendHttp and context.relayHttp for communicating with external APIs, which represents a capability for data transmission.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 28, 2026, 10:32 PM