ai-elements
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill references 'npx ai-elements@latest' for component installation. While Vercel is a trusted organization, npx involves the download and execution of remote code.
- [PROMPT_INJECTION] (LOW): Identified a surface for indirect prompt injection (Category 8) in the message display components. Evidence: 1. Ingestion points: 'messages' array in conversation.tsx; 2. Boundary markers: Absent in the provided JSX example; 3. Capability inventory: No dangerous system-level capabilities; 4. Sanitization: Not explicitly shown in the example snippet.
- [DATA_EXPOSURE] (SAFE): Documentation mentions 'AI_GATEWAY_API_KEY' and '.env.local' for project configuration. No patterns for unauthorized access or exfiltration were detected.
Audit Metadata