modernize-ui5-app
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The workflow involves running
npx @ui5/linter,npm test, andmvn verify. These are standard development commands used for linting and executing local test suites during the modernization verification phases. - [PROMPT_INJECTION]: The skill processes project source code and linter output which presents a surface for indirect prompt injection.
- Ingestion points: The skill reads project files (JavaScript, XML, JSON) and linter output logs from the local file system.
- Boundary markers: The skill relies on specific structural instructions to sub-agents rather than explicit data delimiters or 'ignore' warnings for the ingested content.
- Capability inventory: The skill has the capability to modify files, perform git commits, and execute shell commands (npm and Maven).
- Sanitization: No explicit sanitization or escaping of the ingested project code is performed before it is processed by the agent.
- [SAFE]: The skill demonstrates security awareness by instructing the agent to update
.gitignoreto prevent the accidental commitment of local test artifacts and temporary configuration files likeheadless-chrome.json.
Audit Metadata