admin-chat-ui-flow
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The metadata for the skill includes an installation command that fetches the SKILL.md file from a remote GitHub repository (github.com/deveclipsy007/llminvoice) via curl.
- [INDIRECT_PROMPT_INJECTION]: The skill defines a process where external data is ingested to generate or modify source code files, creating a vulnerability surface for indirect prompt injection.
- Ingestion points: Processes untrusted inputs such as
chat_sectionsandinteraction_statesas described in SKILL.md. - Boundary markers: Absent; there are no instructions or delimiters provided to differentiate between instructions and potentially malicious content within the processed data.
- Capability inventory: The skill is intended to output or modify executable/interpreted files, specifically
templates/pages/admin/chat.phpandpublic/assets/js/chat.js. - Sanitization: Absent; the skill does not specify any validation or sanitization requirements for the inputs before they are used in code generation.
Audit Metadata