umbraco-dynamic-root
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill uses the WebFetch tool to retrieve documentation from external URLs.- Evidence: In SKILL.md, the documentation section points to several docs.umbraco.com subdomains.- Trust Status: These are official documentation sources for Umbraco CMS, which qualifies for a downgrade to LOW per safety protocols.- [PROMPT_INJECTION] (MEDIUM): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its data ingestion workflow.- Ingestion points: Documentation is fetched via WebFetch in Step 1 of the workflow.- Boundary markers: Absent. The skill does not instruct the agent to use delimiters or ignore instructions found within the fetched documentation.- Capability inventory: The agent has the ability to use Write and Edit tools to create TypeScript and C# files on the local filesystem.- Sanitization: Absent. There is no instruction to validate or sanitize the content fetched before it is used to generate code.
Audit Metadata