Skills
skills/umbraco/umbraco-cms-backoffice-skills/umbraco-block-editor-custom-view/Gen Agent Trust Hub

umbraco-block-editor-custom-view

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION] (SAFE): The skill uses WebFetch to ingest data from external URLs (docs.umbraco.com) which creates a potential surface for Indirect Prompt Injection. However, the sources are trusted official documentation and the risk is considered negligible within the scope of code generation.
  • Ingestion points: WebFetch on external documentation URLs.
  • Boundary markers: Not present.
  • Capability inventory: Write, Edit, Read tools for file manipulation.
  • Sanitization: No explicit sanitization or escaping of external content is defined.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill references external URLs and GitHub repository paths for documentation purposes. It does not perform automated downloads or execution of untrusted scripts.
  • [SAFE] (SAFE): No malicious patterns such as obfuscation, credential exfiltration, or persistence mechanisms were detected. The skill is consistent with its stated purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:59 PM