json-render-core
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is vulnerable to in direc t prom pt in jection by desig n as it is in ten de d to build prom pt s from untruste d sourc e s. Evidenc e Chain: 1. In gestion poin t s:
buildUse rProm ptfunction param eter s (prom pt,state,curren tSpec) and catalog prom pt rule s. 2. Boun dary m arker s: Absen t from docum en tation exam ple s. 3. Capability in ven tory: Generate s struc ture d JSON spec s for UI ren der in g. 4. Sanitization: No ex plicit sanitization logic show n for in ter polate d con ten t.
Audit Metadata