article-to-html
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted markdown content from the conversation context or user-provided files, which creates a surface for indirect prompt injection.
  - Ingestion points: Untrusted source content enters the context via the Read tool as specified in the first step of the flow in SKILL.md.
  - Boundary markers: The skill does not define specific boundary markers or instructions to isolate the interpolated markdown from the surrounding HTML scaffold, relying on the model to perform the mapping safely.
  - Capability inventory: Across its scripts and instructions, the skill utilizes Read and Write capabilities to access source documents and create resulting HTML files on the local file system.
  - Sanitization: There is no evidence of sanitization, escaping, or filtering of the input markdown content before it is placed into the template.html scaffold. Malicious HTML or JavaScript tags within the source document could potentially be included in the generated output file.
Audit Metadata