umbraco-auth-provider
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE & EXFILTRATION] (SAFE): No hardcoded credentials or sensitive file access detected. The C# examples use standard placeholders like 'your-client-id'.- [EXTERNAL_DOWNLOADS] (SAFE): The skill fetches documentation from official Umbraco domains (docs.umbraco.com). This is expected behavior for a CMS extension skill.- [PROMPT_INJECTION] (SAFE): No instructions attempting to bypass safety filters or override system behavior were found.- [COMMAND_EXECUTION] (SAFE): The skill is restricted to file manipulation and web fetching; no shell command execution or persistence mechanisms are present.- [INDIRECT_PROMPT_INJECTION] (SAFE): * Ingestion points: Documentation URLs. * Boundary markers: Not explicitly defined. * Capability inventory: Limited to Read, Write, Edit, WebFetch. * Sanitization: Relies on default agent handling of fetched content.
Audit Metadata