Skills
skills/jackspace/claudeskillz/ai-elements-chatbot/Gen Agent Trust Hub

ai-elements-chatbot

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The README instructs users to run 'pnpm dlx ai-elements@latest init', which downloads and executes remote code from the npm registry. Since 'vercel' is a trusted organization, this is considered a standard installation pattern.
  • COMMAND_EXECUTION (LOW): The documentation includes several shell commands for environment verification and project setup (e.g., 'npx next --version', 'npm list ai').
  • INDIRECT_PROMPT_INJECTION (LOW): The skill provides a UI surface for processing untrusted chat data. Ingestion points: 'Message', 'Conversation', and 'Response' components handle AI and user-generated content. Boundary markers: None explicitly documented. Capability inventory: Package execution via 'pnpm dlx'. Sanitization: Not specified; assumes reliance on React/Next.js default escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:33 PM