visualize
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the Mermaid library from the well-known jsDelivr CDN at 'https://cdn.jsdelivr.net/npm/mermaid@11/dist/mermaid.esm.min.mjs' to enable diagram rendering within its HTML output.
- [COMMAND_EXECUTION]: To create unique filenames for visualizations, the skill uses the standard system command 'date +%y%m%d-%H%M' as specified in the 'Output Conventions' section of SKILL.md.
- [PROMPT_INJECTION]: The skill processes untrusted external data which introduces a surface for indirect prompt injection.
- Ingestion points: The skill ingests markdown files, repository documentation such as 'docs/SUMMARY.md', and plan folders containing phase files as described in 'SKILL.md' and 'references/workflow.md'.
- Boundary markers: Content is placed into specific template regions identified by 'VISUALIZE:' markers in the HTML files within 'references/templates/'.
- Capability inventory: The skill is capable of reading repository files and writing HTML and CSS files to the local directory. Furthermore, 'references/verification.md' suggests the use of browser-based automation tools like Playwright to open and verify the generated output.
- Sanitization: The instructions lack explicit requirements for sanitizing or escaping the content retrieved from source files before it is interpolated into the HTML visualizations, creating a potential XSS vulnerability.
Audit Metadata