Skills
skills/umbraco/umbraco-cms-backoffice-skills/umbraco-controllers/Gen Agent Trust Hub

umbraco-controllers

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill uses WebFetch to ingest data from external documentation which is then used to generate code. While this is the intended functionality, it creates a theoretical surface for indirect prompt injection if the source documentation were compromised.
  • Ingestion points: Documentation URLs (docs.umbraco.com) specified in SKILL.md.
  • Boundary markers: Absent. No specific delimiters or safety instructions are used to distinguish fetched content from system instructions.
  • Capability inventory: Write and Edit tools allow the agent to create or modify files based on the fetched content.
  • Sanitization: Absent. No validation or filtering of the fetched content is performed before use in code generation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:55 PM