objectstack-ui

Warn

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The WidgetSourceSchema in references/ui/widget.zod.ts supports a remote provider type that allows loading and executing JavaScript modules from external URLs.
  • [COMMAND_EXECUTION]: The WidgetLifecycleSchema and WidgetSourceSchema (inline type) in references/ui/widget.zod.ts allow arbitrary JavaScript code to be provided as strings and executed during widget lifecycle events such as onMount, onUpdate, and onValidate.
  • [DATA_EXFILTRATION]: The ViewDataSchema and ActionSchema allow for the configuration of custom API endpoints and URLs, which could be used to transmit data to external servers.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes externally defined UI configurations that can contain executable code.
      • Ingestion points: ViewDataSchema and WidgetManifestSchema.
      • Boundary markers: None specified.
      • Capability inventory: Remote script loading and inline code execution are permitted by the schema.
      • Sanitization: Zod structural validation is present, but no specific content safety filtering for malicious code or URLs is identified.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 14, 2026, 08:06 AM