register-asset

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local script scripts/make-assets-index.mjs using the node runtime via the Bash tool to update the visual asset overview.
  • [PROMPT_INJECTION]: The skill exhibits a vulnerability to Indirect Prompt Injection through potential Cross-Site Scripting (XSS) in the generated assets.html file.
      • Ingestion points: The skill ingests data from design-assets.json and user-supplied arguments such as --asset and --subtitle as defined in SKILL.md.
      • Boundary markers: Absent. There are no delimiters or instructions to the agent to treat the injected content as raw text rather than executable HTML.
      • Capability inventory: The skill utilizes the Write tool to create or modify assets.html and the Bash tool to run indexing scripts.
      • Sanitization: Absent. The instructions do not specify any validation or escaping of the metadata before interpolation into the HTML template, which could allow an attacker to inject malicious scripts into the local dashboard via asset names or descriptions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 2, 2026, 02:20 PM