widgets-ui

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation instructs users to execute commands that download UI components and configurations from external domains.
      • Evidence: npx shadcn@latest add https://ui.inference.sh/r/widgets.json and npx skills add inference-sh/skills@agent-ui.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it renders rich UI elements (buttons, inputs, etc.) based on structured data provided by an agent.
      • Ingestion points: The widget object passed to the WidgetRenderer component, which is intended to be generated by an agent response.
      • Boundary markers: None identified; the skill does not appear to use delimiters or instructions to ignore embedded commands within the JSON data.
      • Capability inventory: The renderer can create interactive buttons with actions, input fields, textareas, and external images.
      • Sanitization: No evidence of sanitization, escaping, or schema validation for the agent-provided JSON is present in the provided code snippets or documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 05:17 PM