fix-deprecated-controls
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses
npxto execute the@ui5/linterpackage. This package is the official tool for linting UI5 projects and is used here for its intended purpose of identifying deprecated code. - [COMMAND_EXECUTION]: Instructs the agent to run the shell command
npx @ui5/linter --detailsto obtain modernization metadata and documentation links. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes untrusted data from the project being analyzed.
- Ingestion points: Project source code (JavaScript, XML) and linter execution output in the terminal.
- Boundary markers: Absent; there are no specific markers or instructions to treat external data as untrusted content.
- Capability inventory: The skill is designed to perform file-read and file-write operations to modernize source code.
- Sanitization: Absent; the skill does not specify any validation or sanitization for the code or linter output it processes.
Audit Metadata