xss-prevention

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a reference for security auditing, correctly identifying dangerous JavaScript sinks such as innerHTML and execution sinks such as eval.
  • [SAFE]: It provides industry-standard recommendations for mitigation, including the use of DOMPurify for sanitization, proper output encoding, and implementation of Content Security Policy (CSP).
  • [SAFE]: The skill functions as a code auditor for untrusted input; while this establishes a data ingestion surface, the skill contains no executable logic or tool-use instructions that could be exploited via indirect prompt injection.
  • [SAFE]: No malicious instructions, obfuscation, or unauthorized data access patterns were identified in the skill content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 05:38 PM