umbraco-entity-bulk-actions
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Detected an indirect prompt injection surface. 1. Ingestion points: The skill fetches external Umbraco documentation URLs via WebFetch and takes user input for entity types and operations (Workflow in SKILL.md). 2. Boundary markers: Absent; the skill lacks instructions for the agent to ignore or isolate embedded instructions within the external data. 3. Capability inventory: The agent has permission to use Write and Edit tools to generate and modify code files based on input (SKILL.md). 4. Sanitization: Absent; the process does not specify validation or escaping of external content before it is interpolated into code templates.
Audit Metadata