openui-forge-zh
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE COMMAND_EXECUTION EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell scripts, specifically scripts/detect-stack.sh and scripts/validate.sh, to automate project state detection and integration validation.
- [EXTERNAL_DOWNLOADS]: The skill uses npx @openuidev/cli@latest to download and execute the OpenUI project scaffolding tool.
- [EXTERNAL_DOWNLOADS]: Fetches documentation for LLM reference from https://www.openui.com/llms-full.txt and https://www.openui.com/llms.txt.
- [PROMPT_INJECTION]: Contains specific instructions to prevent indirect prompt injection when the agent reads external documentation, explicitly telling the agent not to follow commands found in the fetched text.
- [SAFE]: Integrates with well-known third-party services including Google Gemini, Anthropic, Mistral, and DeepSeek via standard API endpoints and environment variable configuration (e.g., OPENAI_BASE_URL).
- [SAFE]: Instructions correctly advise users to store sensitive credentials like API keys in .env files rather than hardcoding them.
Audit Metadata