tapforce-sveltekit-shadcn
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- PROMPT_INJECTION (HIGH): Indirect Prompt Injection via external resource. The skill mandates fetching instructions from 'https://www.shadcn-svelte.com/llms.txt' to guide agent behavior. Since the agent uses this information to perform code modification tasks (replacing Svelte components), it creates a high-risk capability/ingestion pair. There are no boundary markers or sanitization logic defined to prevent malicious instructions in the fetched file from overriding agent safety protocols.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill relies on unverified external content at runtime. While the target domain is specific to a popular library, it is not within the defined [TRUST-SCOPE-RULE] for automated trust, and fetching live instructions introduces a dependency on external site integrity for secure operation.
Recommendations
- AI detected serious security threats
Audit Metadata