umbraco-property-editor-ui
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill's workflow depends on fetching data from docs.umbraco.com to guide the creation of TypeScript elements and JSON manifests.
- Ingestion points: Data is ingested through the WebFetch tool using various documentation URLs listed in SKILL.md.
- Boundary markers: There are no instructions to use delimiters or ignore potentially malicious instructions embedded in the fetched documentation.
- Capability inventory: The skill uses Write and Edit tools to modify local source code and package manifests.
- Sanitization: No sanitization or validation logic is defined to check the integrity or safety of the external data before it is processed by the agent.
Recommendations
- AI detected serious security threats
Audit Metadata