add-visual-reference

Pass

Audited by Gen Agent Trust Hub on May 22, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to manage the file system and verify the project state. Specifically, it uses mkdir -p to create directories for screenshots and bun run build to verify the integrity of the generated JSON files. These operations are limited to the project scope and are consistent with the skill's stated purpose.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill reads and writes to project-specific paths (public/references/ and src/content/references/). There is no evidence of access to sensitive system files, environment variables, or unauthorized network transmissions.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted user input (e.g., website names, URLs, style descriptions) and incorporates them into JSON files and file paths (via slugs).
  • Ingestion points: User-provided screenshot analysis and direct input for name, URL, and categories (SKILL.md).
  • Boundary markers: None used; the agent relies on the user to confirm the extracted details before generation.
  • Capability inventory: Subprocess calls for mkdir and bun run build, and file write operations (SKILL.md).
  • Sanitization: The skill applies transformation logic (kebab-casing for slugs) and follows a strict JSON schema, which provides some level of structural validation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 22, 2026, 02:20 AM
Security Audit — agent-trust-hub — add-visual-reference