docyrus-webform-design

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill creates a public data intake surface by designing webforms that collect unauthenticated external submissions. This represents an indirect prompt injection surface if the agent is subsequently instructed to read, summarize, or act upon the records created by these submissions.
  • Ingestion points: Public submission endpoint (form_submit_url) described in SKILL.md and references/webform-model-and-submission.md.
  • Boundary markers: None specified for user content; data is ingested as structured JSON.
  • Capability inventory: Subprocess execution via the docyrus CLI (listing records, creating forms) and network operations via curl used for testing.
  • Sanitization: The documentation notes that Turnstile verification is currently disabled and that field mapping is based on slug matching, which provides structure but not content sanitization.
  • [COMMAND_EXECUTION]: The skill uses the docyrus CLI for managing webform configurations, listing fields, and querying records. These are standard operations for the tool's intended use case.
  • [EXTERNAL_DOWNLOADS]: The skill provides an embed code snippet that references a JavaScript file (w.js) hosted on the official Docyrus static assets domain (static.docyrus.app). This is a legitimate vendor resource used for rendering the forms on third-party websites.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 10:29 PM
Security Audit — agent-trust-hub — docyrus-webform-design