ckm-banner-design
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the use of local scripts located in the
.claude/skills/directory, specificallygemini_batch_process.pyfor AI image generation andscreenshot.jsfor exporting HTML banners to PNG. These commands are integral to the design and export workflow. - [EXTERNAL_DOWNLOADS]: The agent is instructed to use a browser to research design inspiration on Pinterest, which involves fetching external content. This is consistent with the skill's purpose for creative research.
- [DATA_EXPOSURE]: The skill accesses local project files such as
docs/brand-guidelines.mdto maintain brand consistency and writes generated output to theassets/banners/directory. - [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: Ingests external design references from Pinterest and brand guidelines from local project files.
- Boundary markers: No explicit delimiters are used when processing external inspiration or brand data.
- Capability inventory: Includes execution of local Python/Node.js scripts and file system writes for asset generation.
- Sanitization: No specific sanitization logic is described for the data retrieved during the research step.
Audit Metadata