ui-pc
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE DATA_EXFILTRATION PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: Disclosure of local file system paths.
  - The skill specifies absolute paths such as `/Users/xujiajun/Developer/frontProj/web/src/**` in the metadata and reference tables. This exposes the local username and directory structure of the developer's machine.
- [PROMPT_INJECTION]: Vulnerability surface for Indirect Prompt Injection.
  - Ingestion points: The skill handles untrusted data through search components (`leniu-search`), form inputs (`leniu-form`), and API responses (`getList`, `getDetail`) used to populate tables and forms.
  - Boundary markers: The provided code snippets do not include delimiters or specific instructions to treat external data as untrusted content when processed by the agent.
  - Capability inventory: The skill demonstrates capabilities for network operations via a custom `request` utility and dynamic rendering of UI components.
  - Sanitization: Although the skill mentions UI validation rules (`this.validators`), it lacks explicit documentation or implementation of security sanitization to prevent malicious instructions embedded in data from influencing agent behavior.
Audit Metadata