asset-creation
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill manages visual assets within a localized knowledge directory (
knowledge/aesthetics/), following standard practices for organizing agent-specific data without accessing sensitive system locations. - [SAFE]: The skill provides references to well-known and reputable technology resources, such as Mozilla Developer Network (MDN) and GoogleChromeLabs' Squoosh CLI, for user reference and optional tooling.
- [SAFE]: A graceful degradation strategy is implemented, ensuring that if image generation tools are missing, the skill provides manual prompts instead of failing or attempting unsafe workarounds.
- [SAFE]: Indirect Prompt Injection Surface: The skill ingests data from aesthetic profile files (
knowledge/aesthetics/<slug>.md) to construct prompts for image generation tools. While these profiles act as an ingestion point for external data without explicit boundary markers or sanitization, the capabilities used (image generation and file writing to the assets directory) do not present a high-risk surface.
Audit Metadata