schema-patterns

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The FAQ component in references/faq-howto.md renders FAQ answers using the set:html directive. This bypasses Astro's default HTML escaping and creates a surface for indirect prompt injection if the source data for the FAQ is attacker-controlled.
    • Ingestion points: The faqs property in the FAQ component and the associated FAQSchema.astro component.
    • Boundary markers: Absent; no delimiters or instructions are provided to the agent to ignore embedded instructions within the FAQ content.
    • Capability inventory: No dangerous runtime capabilities (e.g., subprocess execution, filesystem writes) were identified in the provided skill code.
    • Sanitization: Absent; the code explicitly uses set:html for raw rendering of strings.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 12:33 PM