bm-favicon-creator

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses rsvg-convert and magick (ImageMagick) to rasterize SVG sources into multiple PNG and ICO formats. These commands are executed via the shell with arguments derived from user input and external data.
  • [EXTERNAL_DOWNLOADS]: The agent is instructed to fetch SVG files from external domains, including Lucide's official site and other unnamed "official sources" for various icon libraries.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted data from external URLs and interpolates this content into SVG templates before passing it to system-level image processing tools.
  • Ingestion points: External SVG assets fetched from the web and user-provided descriptions in SKILL.md.
  • Boundary markers: None identified for the interpolation of SVG path data into the XML templates.
  • Capability inventory: File system writes to the public/ directory and /tmp/, and subprocess execution of image processing binaries.
  • Sanitization: The skill lacks explicit validation or sanitization logic for the SVG path data or hex color codes before they are embedded into the generated files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 06:11 PM
Security Audit — agent-trust-hub — bm-favicon-creator