umbraco-tree-item

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill exhibits a significant Indirect Prompt Injection surface (Category 8).
      • Ingestion points: The workflow requires fetching external content from docs.umbraco.com using the WebFetch tool.
      • Boundary markers: There are no instructions to delimit the external content or warn the agent against embedded instructions.
      • Capability inventory: The agent is granted Write and Edit permissions, allowing it to modify the local filesystem based on instructions found in the fetched documentation.
      • Sanitization: No validation or sanitization of the fetched content is performed.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill instructs the agent to fetch documentation from docs.umbraco.com. Although this is a legitimate site, it is not included in the Trusted External Sources list, and the tool performs network operations to a non-whitelisted domain.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 11:45 PM