web-design-guidelines
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user data including text, files, and external URLs, creating a standard surface for indirect prompt injection.
- Ingestion points: User input fields
materialText,materialFile, andmaterialUrldefined inreferences/form-schema.jsonandSKILL.md. - Boundary markers: None present to distinguish user content from instructions.
- Capability inventory: The
scripts/run.pyscript performs network operations (POST requests) to an external API. - Sanitization: Input parameters are passed directly to the API without local sanitization.
- [COMMAND_EXECUTION]: The skill includes a Python runner (
scripts/run.py) designed to be executed by the user to interact with the AI Skills API. - [EXTERNAL_DOWNLOADS]: The included script performs network requests to the vendor's domain
https://ai-skills.aifor the purpose of executing the AI skill's logic.
Audit Metadata