umbraco-version-guard
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
catandgrepto retrieve version numbers from local configuration files (plugin.json,package.json, and.csproj). These are standard operations for environment detection and do not involve privilege escalation or persistence. - [EXTERNAL_DOWNLOADS]: The skill recommends the use of official Umbraco GitHub repositories to obtain version-specific skills if a mismatch is found. This reference targets the author's official resources and follows standard plugin management practices.
- [PROMPT_INJECTION]: The skill identifies a potential indirect injection surface by processing project metadata and API response data.
- Ingestion points: Project configuration files (
.csproj,package.json) and the Umbraco Server Information API. - Boundary markers: Absent.
- Capability inventory:
Bash(read/grep) andWebFetchtools. - Sanitization: The skill employs restrictive numeric regular expressions (
[0-9]+) to extract only version numbers, effectively neutralizing any malicious instructions embedded in the source data.
Audit Metadata