Skills
skills/secondsky/claude-skills/ai-sdk-core/Gen Agent Trust Hub

ai-sdk-core

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains templates (e.g., templates/nextjs-server-action.ts and templates/cloudflare-worker-integration.ts) that interpolate raw user input directly into LLM prompts without boundary markers or specific "ignore instructions" directives. This creates a surface for indirect prompt injection where malicious user data could override intended agent behavior. The skill includes a mitigation example in references/production-patterns.md under the "Security" section.
  • Ingestion points: User-supplied input variables such as theme, ingredients, text, and prompt in templates/nextjs-server-action.ts, as well as message in templates/cloudflare-worker-integration.ts.
  • Boundary markers: Absent in most functional templates. Delimiters or "ignore instructions" headers are not used to separate user data from the developer's prompt instructions.
  • Capability inventory: The skill enables LLM text and structured object generation. While no direct shell execution via generated text is demonstrated in the templates, the generated output is intended to be used directly in application workflows.
  • Sanitization: Absent in primary templates. Although the skill provides a sanitizePrompt utility in its documentation (references/production-patterns.md), it is not implemented in the provided functional code examples.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 06:54 PM
Security Audit — agent-trust-hub — ai-sdk-core