ui-skills-root

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands via npx, specifically npx ui-skills start, npx ui-skills categories, npx ui-skills list, and npx ui-skills get, to interact with a UI skills registry.
  • [EXTERNAL_DOWNLOADS]: Execution of npx ui-skills involves fetching the latest version of the ui-skills package from the npm registry at runtime.
  • [PROMPT_INJECTION]: The skill implements a workflow in which external content fetched via npx ui-skills get <slug> is loaded directly into the agent's execution context. This is an indirect prompt injection surface.
  • Ingestion points: SKILL.md (via CLI output from npx ui-skills get <slug>).
  • Boundary markers: None identified; the instructions do not specify delimiters around the fetched content or any "ignore embedded instructions" warning for it.
  • Capability inventory: The agent is granted shell execution capabilities to run the npx commands.
  • Sanitization: No sanitization or validation of the fetched skill content is described before implementation.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 14, 2026, 06:00 PM
Security Audit — agent-trust-hub — ui-skills-root