Skills
skills/usevowel/skills/vowel-client/Gen Agent Trust Hub

vowel-client

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill documents an indirect prompt injection surface where the AI agent processes application context to determine its responses and actions.
  • Ingestion points: Untrusted application state is ingested through vowelInstance.updateContext() and the useSyncContext() hook (SKILL.md).
  • Boundary markers: Documentation does not specify explicit delimiters or instructions for the agent to ignore potentially malicious content within the context data.
  • Capability inventory: The agent can perform navigation using application adapters, execute custom actions (e.g., searchProducts), and interact with the DOM via the optional automationAdapter (SKILL.md).
  • Sanitization: There is no mention of sanitization or validation of the context data before it is presented to the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 03:40 PM