wasm-spa-autofix-react-imports
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection.
- Ingestion points: Untrusted data enters the agent context via the
fileContentsandbundlerLogsinputs. - Boundary markers: The skill logic lacks explicit instructions or markers to differentiate between the agent's instructions and potentially malicious content embedded in the analyzed code or logs.
- Capability inventory: The skill is capable of generating code patches (returned in the
patchesoutput field) which are intended to be applied directly to the project's source code. - Sanitization: No specific sanitization or validation of the input data is mentioned before it is used to inform the generation of code patches.
Audit Metadata