umbraco-file-upload-preview
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill's primary workflow involves fetching external documentation via WebFetch and using that information to drive the generation of TypeScript components using Write and Edit tools.
  - Ingestion points: Data enters the agent context via WebFetch from multiple docs.umbraco.com URLs.
  - Boundary markers: The skill lacks instructions or delimiters to isolate fetched content from the agent's internal instructions.
  - Capability inventory: The agent uses Write and Edit tools to commit generated code to the filesystem based on external data.
  - Sanitization: There is no logic provided to sanitize or validate the documentation content before processing.
- External Downloads (LOW): The skill references and fetches content from docs.umbraco.com. Per [TRUST-SCOPE-RULE], these are trusted sources for Umbraco development, which downgrades the risk of the download itself, but the behavioral risk of the code generation workflow remains MEDIUM.