generate-frontend-wiring
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted source code files from the local filesystem to generate configuration output.
- Ingestion points: Files such as package.json, src/plugin.ts, src/index.ts, and plugin-manifest.json are parsed for metadata and exports.
- Boundary markers: The instructions lack explicit delimiters or warnings to ignore embedded instructions within the source files being analyzed.
- Capability inventory: The skill uses file-reading capabilities to inspect local source code.
- Sanitization: No sanitization or validation of the source code content is performed prior to the analysis and configuration generation process.
Audit Metadata