uipath-case-management

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes user-provided design documents (sdd.md), which represent an indirect prompt injection surface.
      • Ingestion points: references/planning.md (Step 2) reads the user's Markdown specification.
      • Boundary markers: The skill enforces multiple hard stops requiring explicit user approval via AskUserQuestion. Specifically, the generated tasks.md plan must be approved before implementation (Rule 9), and a second mandatory gate exists between structural building and detail wiring (Rule 26).
      • Capability inventory: The skill uses Bash to execute the uip CLI and Write/Edit to modify local Case Management JSON files.
      • Sanitization: The skill relies on human review of the generated declarative plan (tasks.md) and of the project skeleton in Studio Web to detect and prevent malicious behaviors.
  • [EXTERNAL_DOWNLOADS]: The skill contains logic to install or upgrade the @uipath/cli package from the public npm registry.
      • Evidence: references/planning.md (Step 0) checks the locally installed version and executes npm install -g @uipath/cli@latest if necessary.
      • Trust Context: The download originates from a well-known public registry and is the official tool provided by the skill's author, aligning with the skill's primary purpose of authoring Case Management projects.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 27, 2026, 01:17 PM
Security Audit — agent-trust-hub — uipath-case-management