Skills
skills/umbraco/umbraco-cms-backoffice-skills/umbraco-ufm-component/Gen Agent Trust Hub

umbraco-ufm-component

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a framework for processing text tokens and rendering them as HTML in a CMS environment. This creates a potential surface for indirect prompt injection where untrusted content in markdown could be rendered as malicious HTML elements if the developer does not follow sanitization practices.
  • Ingestion points: SKILL.md (via UfmToken data consumed by the render method in generated TypeScript components).
  • Boundary markers: Included textually in the 'Best Practices' section which advises to 'Return safe HTML (escape user input)', though markers are absent in the code snippets themselves.
  • Capability inventory: WebFetch, Write, Edit (used for fetching docs and creating component files).
  • Sanitization: The implementation examples (e.g., MyUfmComponent, HighlightUfmComponent) lack explicit sanitization or escaping of the token.text variable before it is returned in a template literal.
  • [EXTERNAL_DOWNLOADS]: Fetches official documentation and implementation patterns from the vendor's repository and documentation site.
  • Fetches API references from docs.umbraco.com.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 10:51 AM