Skills
skills/steedos/steedos-platform/steedos-micro-pages/Gen Agent Trust Hub

steedos-micro-pages

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructs the agent to create user interface schemas that fetch data from API endpoints and render it via the Amis template engine. This creates a potential surface for indirect prompt injection if malicious data stored in the database is processed and rendered into the agent's view.
  • Ingestion points: Data from API endpoints like /api/v6/data/ and /api/v4/stats/.
  • Boundary markers: Generated templates do not employ specific markers or delimiters to differentiate between UI instructions and dynamic data.
  • Capability inventory: The skill generates configuration files and defines network requests within the Steedos platform context.
  • Sanitization: No sanitization or escaping logic is prescribed for the data bound to the templates.
  • [COMMAND_EXECUTION]: The skill utilizes dynamic script execution through the Amis framework's support for script blocks to process API data, generating JavaScript snippets within adaptor and requestAdaptor fields.
  • Evidence: Example schemas in the skill documentation include script logic for mapping API responses and transforming request data such as api.data = { id: context.recordId } in the sales_dashboard.page.amis.json and order_report.page.amis.json templates.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 25, 2026, 10:36 AM
Security Audit — agent-trust-hub — steedos-micro-pages