cometchat-angular-troubleshooting
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill establishes a surface for indirect prompt injection by instructing the agent to ingest and analyze untrusted data from the user's local project environment.
- Ingestion points: The skill reads contents from files such as
angular.json,src/app/app.component.ts,src/app/app.module.ts, and searches across all HTML templates usingexecuteBash(grep) andreadFile. - Boundary markers: The instructions do not specify any delimiters or instructions for the agent to ignore potential malicious prompts embedded within the source code or configuration data it processes.
- Capability inventory: The agent is granted capabilities including
executeBash,readFile, andfileSearch, which could be exploited if the agent follows instructions found within the project files. - Sanitization: No sanitization or validation logic is defined for the data retrieved from the local file system before it enters the agent's context.
- [SAFE]: All external resources and package dependencies (e.g.,
@cometchat/chat-uikit-angular) are official vendor assets belonging to CometChat, with no evidence of typosquatting or malicious sourcing. - [SAFE]: The skill includes security-conscious advice, such as recommending the use of server-minted auth tokens instead of hardcoding Auth Keys in client-side production environments.
Audit Metadata