umbraco-entity-actions

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill defines a workflow that ingests untrusted data from external URLs, creating a surface for indirect prompt injection.
      • Ingestion points: The WebFetch tool is used in workflow step 1 to retrieve content from external documentation URLs.
      • Boundary markers: Absent; there are no instructions to use delimiters or ignore embedded instructions within fetched content.
      • Capability inventory: The skill uses Write and Edit tools, which could be manipulated by malicious instructions in the documentation to perform unauthorized file operations.
      • Sanitization: Absent; no validation or escaping of external content is specified.
  • External Data Access (LOW): The skill performs network requests to docs.umbraco.com via the WebFetch tool, which is not among the pre-approved trusted domains.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:57 PM