skills/stuartf303/sorcha/blazor/Gen Agent Trust Hub

blazor

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill is susceptible to Indirect Prompt Injection (Category 8). It explicitly directs the agent to query external documentation using the 'mcp__context7' toolset.
    • Ingestion points: Documentation is ingested via the mcp__context7__query-docs tool.
    • Boundary markers: There are no defined delimiters or instructions to treat the external documentation as untrusted data.
    • Capability inventory: The agent is authorized to use Write, Edit, and Bash, which provides the necessary permissions to execute commands or alter code based on malicious documentation.
    • Sanitization: The skill does not implement any validation or sanitization for the ingested documentation content.
  • [COMMAND_EXECUTION] (HIGH): The Bash tool is enabled for the agent. In the context of the indirect prompt injection vulnerability, this allows for the execution of arbitrary shell commands if the external documentation source is compromised with adversarial instructions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 07:44 AM