Skills
skills/notysoty/openagentskills/Accessibility Audit Helper/Gen Agent Trust Hub

Accessibility Audit Helper

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user-provided UI code (HTML, JSX, React) for auditing. This creates a surface for indirect prompt injection if the code being audited contains malicious instructions designed to override the agent's behavior.
  • Ingestion points: Processes component or file content provided by the user as input (SKILL.md).
  • Boundary markers: The skill does not define explicit delimiters or instructions to ignore instructions that might be embedded within the code being audited.
  • Capability inventory: The skill's instructions are limited to code analysis and reporting; it does not request high-risk capabilities like network access, shell execution, or file writing.
  • Sanitization: No explicit sanitization or filtering of the input code is performed before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 05:56 AM
Security Audit — agent-trust-hub — Accessibility Audit Helper