uipath-platform
Warn
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the `uip` CLI tool and `curl` commands to manage Orchestrator folders, assets, and processes. It also includes instructions for managing UiPath Studio instances using `rpa-tool`.
- [DATA_EXFILTRATION]: Instructions direct the agent to read the `~/.uipath/.auth` file to extract access tokens. These tokens are used to authenticate network requests made with `curl` to official UiPath Orchestrator endpoints.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the `@uipath/cli` package from the npm registry and various official CLI tool extensions such as `@uipath/resources-tool` and `@uipath/test-manager-tool`.
- [PROMPT_INJECTION]: The skill processes data from external UiPath services (Orchestrator and Integration Service) which serves as an attack surface for indirect prompt injection.
  - Ingestion points: Output from `uip is resources list`, `uip or folders list`, and `uip tm project list` referenced in `agent-workflow.md`, `resources.md`, and `orchestrator-guide.md`.
  - Boundary markers: None identified; there are no instructions to the agent to distinguish between tool output and system instructions.
  - Capability inventory: The skill has permission to execute shell commands (Bash) and write to the file system (Write) as specified in the `allowed-tools` metadata.
  - Sanitization: No evidence of data sanitization or validation of the retrieved external content before processing.
Audit Metadata