web-files-image-handling
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides patterns for client-side image handling using standard Web APIs such as the Canvas API and the Blob/URL API. All processing occurs locally within the user's browser environment.
- [SAFE]: Includes explicit safety requirements and 'red flags' to prevent browser resource exhaustion, such as limiting canvas dimensions to 4096px and enforcing memory cleanup using
URL.revokeObjectURL(). - [SAFE]: No external network requests, data exfiltration patterns, or suspicious dependencies were detected. The skill instructions focus strictly on image manipulation logic.
- [SAFE]: Code examples follow security best practices for binary data parsing (e.g., using
DataViewfor EXIF parsing) and do not introduce any dynamic execution or prompt injection vulnerabilities.
Audit Metadata