umbraco-bundle

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill is vulnerable to Indirect Prompt Injection. It retrieves data from external URLs via WebFetch and uses that data to perform Write and Edit operations on local files.
    • Ingestion points: WebFetch is used to access docs.umbraco.com in the first step of the workflow.
    • Boundary markers: There are no instructions to delimit or ignore instructions found within the fetched documentation.
    • Capability inventory: The skill uses Write and Edit tools to generate umbraco-package.json and manifests.ts files.
    • Sanitization: No validation or sanitization of the fetched web content is performed before it is used to generate code.
  • EXTERNAL_DOWNLOADS (LOW): The skill references and fetches content from docs.umbraco.com. While these are official resources, fetching content at runtime is a potential vector for malicious input.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 11:44 PM