modernize-ui5-app

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The workflow involves running npx @ui5/linter, npm test, and mvn verify. These are standard development commands used for linting and executing local test suites during the modernization verification phases.
  • [PROMPT_INJECTION]: The skill processes project source code and linter output which presents a surface for indirect prompt injection.
  • Ingestion points: The skill reads project files (JavaScript, XML, JSON) and linter output logs from the local file system.
  • Boundary markers: The skill relies on specific structural instructions to sub-agents rather than explicit data delimiters or 'ignore' warnings for the ingested content.
  • Capability inventory: The skill has the capability to modify files, perform git commits, and execute shell commands (npm and Maven).
  • Sanitization: No explicit sanitization or escaping of the ingested project code is performed before it is processed by the agent.
  • [SAFE]: The skill demonstrates security awareness by instructing the agent to update .gitignore to prevent the accidental commitment of local test artifacts and temporary configuration files like headless-chrome.json.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 05:46 AM
Security Audit — agent-trust-hub — modernize-ui5-app