add-components-to-registry
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions to override agent behavior or bypass safety filters were identified in the skill instructions.
- Data Exposure & Exfiltration (SAFE): The skill operates on local project files (e.g., .tsx components) to generate metadata. It does not access sensitive credentials, system files, or perform any external network requests.
- Indirect Prompt Injection (SAFE): The skill exposes an indirect prompt injection surface because it processes user-provided source files. Evidence: (1) Ingestion: Reads React component code from the user's project; (2) Boundary markers: None specified; (3) Capabilities: Reads source files and writes new schema files/registry updates; (4) Sanitization: None mentioned. While a surface exists, this is standard functionality for a development tool and is considered low risk.
- Remote Code Execution & Dependencies (SAFE): The skill references standard packages (zod, @tambo-ai/react) for its operation. No remote scripts are downloaded or executed.
- Dynamic Execution (SAFE): The skill generates static TypeScript code and Zod schemas based on component properties. This is a primary function of the utility and follows safe code generation patterns.