umbraco-menu-items

Warn

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: MEDIUM (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • Indirect Prompt Injection (MEDIUM): The skill implements a workflow that ingests untrusted data from the web to drive file-writing capabilities.
      • Ingestion Points: The 'Workflow' section instructs the agent to use WebFetch on external URLs (docs.umbraco.com).
      • Capability Inventory: The skill is granted Write and Edit permissions to create manifests and implementation files.
      • Boundary Markers: No delimiters or 'ignore embedded instructions' warnings are present to isolate fetched content from agent instructions.
      • Sanitization: No validation or filtering is specified for the data retrieved via WebFetch before it is used to generate code.
  • External Connections (LOW): The skill requests access to the WebFetch tool to communicate with domains outside the predefined trust list.
      • Evidence: Documentation URLs point to docs.umbraco.com.
      • Mitigation: While not on the specific Trusted Source list, the domain is the official vendor documentation site, which is typical for this type of technical skill.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 15, 2026, 11:24 PM