aesthetic-research

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches visual references and design data from well-known platforms including Pinterest, Dribbble, Behance, and Google Images using browser and fetch tools. These operations target established services for their intended purpose.
  • [COMMAND_EXECUTION]: Performs file system operations to create directories and write research profiles (.md files) and image assets. It writes to the local workspace (knowledge/aesthetics/) and potentially to user-global agent directories (~/.agents/skills/knowledge/aesthetics/). It also includes logic to modify files associated with the aesthetic-literacy skill for alias synchronization.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface (Category 8) by ingesting untrusted data from external websites and incorporating it into persistent markdown profiles.
      • Ingestion points: External image search results from Pinterest, Dribbble, Behance, and Google Images.
      • Boundary markers: The skill uses structured markdown headers (e.g., ## Image Descriptions) to delimit content but lacks specific instructions to ignore or sanitize embedded commands within the fetched data.
      • Capability inventory: Includes network access (browser, fetch) and file system write capabilities.
      • Sanitization: No explicit sanitization or filtering of external content is performed before it is written to the persistent knowledge base.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 13, 2026, 06:56 AM