ui5-typescript-conversion
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to add development dependencies to
package.json, including@sapui5/types,@openui5/types,typescript-eslint, and@ui5/ts-interface-generator. These are well-known, established tools from the SAP and UI5 community used for type definitions and code generation. - [COMMAND_EXECUTION]: The skill provides instructions for the user to execute standard package management and build commands, such as
npm install,yarn install, andnpx @ui5/ts-interface-generator. These commands are necessary for the project conversion process and are initiated by the user or under user guidance. - [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and transform existing UI5 source code. While this constitutes an attack surface, it is a required functionality for the skill's purpose.
- Ingestion points: Project source files (JavaScript, XML, YAML, JSON) found in the
webappdirectory (referenced inSKILL.mdandtest_conversion.md). - Boundary markers: None explicitly defined in the provided markdown files.
- Capability inventory: The skill can modify project files and instructs the execution of dependency management and code generation tools via the shell.
- Sanitization: Not applicable as the skill performs structural code transformation on existing files.
Audit Metadata