umbraco-version-guard

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes cat and grep to retrieve version numbers from local configuration files (plugin.json, package.json, and .csproj). These are standard operations for environment detection and do not involve privilege escalation or persistence.
  • [EXTERNAL_DOWNLOADS]: The skill recommends the use of official Umbraco GitHub repositories to obtain version-specific skills if a mismatch is found. This reference targets the author's official resources and follows standard plugin management practices.
  • [PROMPT_INJECTION]: The skill identifies a potential indirect injection surface by processing project metadata and API response data.
  • Ingestion points: Project configuration files (.csproj, package.json) and the Umbraco Server Information API.
  • Boundary markers: Absent.
  • Capability inventory: Bash (read/grep) and WebFetch tools.
  • Sanitization: The skill employs restrictive numeric regular expressions ([0-9]+) to extract only version numbers, effectively neutralizing any malicious instructions embedded in the source data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:17 AM
Security Audit — agent-trust-hub — umbraco-version-guard