uipath-feedback
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
uipCLI (UiPath's official tool) to perform version checks, gather status, and transmit feedback. These operations are scoped to the intended functionality of the skill. - [DATA_EXFILTRATION]: By design, the skill transmits diagnostic information to UiPath's infrastructure. This risk is mitigated by explicit requirements for user review and confirmation before sending, along with comprehensive sanitization rules that redact secrets, tokens, PII in file paths, and GUIDs.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted project files (e.g.,
.flow,xaml,pyproject.toml) to summarize context for the report. - Ingestion points: Project files and session conversation history.
- Boundary markers: None explicitly defined for interpolating project data into the description prompt.
- Capability inventory: Shell command execution via
uipand file system writes. - Sanitization: Extensive rules are provided to strip secrets and redact sensitive identifiers before the data is transmitted or summarized.
Audit Metadata