agent-ui
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches component definitions and registry data from 'https://ui.inference.sh/r/agent.json' using the 'shadcn' CLI tool.
- [EXTERNAL_DOWNLOADS]: Installs the official '@inferencesh/sdk' Node.js package to facilitate agent communication via a secure proxy route.
- [PROMPT_INJECTION]: Identified vulnerability surface for indirect prompt injection related to the component's 'client-side tools' capability.
  - Ingestion points: External data processed via the 'scan_ui' and 'fill_field' tools as described in 'SKILL.md'.
  - Boundary markers: None explicitly defined in the provided '' component props.
  - Capability inventory: Includes the browser-level tools 'scan_ui' and 'fill_field', which interact with the user interface.
  - Sanitization: No explicit sanitization or filtering of tool outputs is demonstrated in the provided SDK integration example.
Audit Metadata