Skills
skills/inference-sh/skills/agent-ui/Gen Agent Trust Hub

agent-ui

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to download a component registry file from the vendor's official domain (https://ui.inference.sh/r/agent.json) using the shadcn CLI utility.
  • [COMMAND_EXECUTION]: Provides instructions to install the vendor-specific @inferencesh/sdk package and add complementary skills using CLI commands.
  • [INDIRECT_PROMPT_INJECTION]: The component provides a surface for indirect prompt injection as it renders output from external LLMs and supports client-side tools (e.g., scan_ui, fill_field). While this represents a capability surface, it is consistent with the skill's stated purpose of building agentic user interfaces.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 08:50 PM