Skills
skills/umbraco/umbraco-cms-backoffice-skills/umbraco-current-user-action/Gen Agent Trust Hub

umbraco-current-user-action

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill demonstrates a high-risk capability tier where external data is ingested to drive code generation tasks.
  • Ingestion points: The skill explicitly instructs the agent to use WebFetch on external URLs (docs.umbraco.com) in the 'Workflow' section.
  • Boundary markers: Absent. There are no instructions to delimit or treat the external documentation as untrusted data.
  • Capability inventory: The skill uses Write and Edit tools to create manifest files and action implementation classes (.ts and .js files).
  • Sanitization: None. The agent is directed to generate complete working code based directly on the latest fetched docs without any validation or sanitization steps.
  • [External Downloads] (LOW): The skill utilizes WebFetch to retrieve information from docs.umbraco.com.
  • Evidence: URLs provided in the 'Documentation' section for extension types and registries.
  • Trust Scope: This finding is downgraded to LOW per [TRUST-SCOPE-RULE] as the source is the official documentation for the targeted framework. However, the downstream behavior of generating code from this data remains a HIGH severity risk.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 15, 2026, 11:45 PM