infographic-generator

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted user data to generate structured outputs and code.
  • Ingestion points: The content field in the Input Schema is the primary entry point for untrusted data.
  • Boundary markers: Absent. The skill lacks instructions to delimit user input or explicitly ignore embedded instructions within the provided content.
  • Capability inventory: The skill generates self-contained HTML/CSS code blocks based on the input data.
  • Sanitization: Absent. There are no instructions for the agent to sanitize or escape the input content before interpolating it into the HTML/CSS output.
  • [EXTERNAL_DOWNLOADS]: The skill references external tools and repositories for rendering and issue tracking.
  • Fetches concepts and inspiration from Vercel's Satori repository, a well-known design tool service.
  • Links to the author's own GitHub repositories (Affitor/content-pipeline, Affitor/affiliate-skills) for feedback and related functionality.
  • [COMMAND_EXECUTION]: While the skill does not execute commands directly, it instructs the agent to generate HTML/CSS scripts. If an attacker provides content containing malicious scripts (e.g., <script> tags), the agent might include them in the generated HTML, leading to potential execution when the user views the infographic.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 08:53 AM
Security Audit — agent-trust-hub — infographic-generator