chat-ui
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references external component registries and images hosted on the vendor's domains (ui.inference.sh and cloud.inference.sh).
- [COMMAND_EXECUTION]: Instructions are provided for installing components and related tools using 'npx shadcn' and 'npx skills'.
- [PROMPT_INJECTION]: The skill defines a UI surface for chat messages that represents an indirect prompt injection surface.
- Ingestion points: Message content in the 'ChatMessage' component in 'SKILL.md'.
- Boundary markers: None identified in the provided code snippets.
- Capability inventory: The skill provides static UI components with no direct system access or dangerous capabilities.
- Sanitization: No explicit sanitization or filtering logic is demonstrated in the implementation examples.
Audit Metadata