Skills
skills/zhinjs/ai-skills/zhin-component-rendering/Gen Agent Trust Hub

zhin-component-rendering

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill documents a template system that interpolates expressions and props into message components. If a developer uses this system to render untrusted user input without sanitization, it could lead to indirect prompt injection or UI manipulation.
  • Ingestion points: props within defineComponent and the content parameter in the renderComponents function.
  • Boundary markers: The documentation includes a 'Best Practices' section advising users to 'Validate and sanitize user input before passing it into templates'.
  • Capability inventory: The skill enables template evaluation (renderComponents) and remote content loading (fetch component).
  • Sanitization: The skill relies on external developer implementation for sanitization.
  • Dynamic Execution (LOW): The framework evaluates inline expressions (e.g., {1 + 2}) within template strings. This is the intended primary purpose of the component rendering service.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:35 PM