capture-pr-visuals

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the shell command defined in the dev.command field of the .chalk/chalk.json configuration file to start the application's development server.
  • [EXTERNAL_DOWNLOADS]: Fetches browser binaries from Microsoft's infrastructure using the npx playwright install chromium command.
  • [REMOTE_CODE_EXECUTION]: Uses npx to dynamically download and run the tsx and playwright Node.js packages at runtime.
  • [REMOTE_CODE_EXECUTION]: Writes a temporary TypeScript script to .chalk/local/capture-script.ts and executes it to perform browser automation tasks.
  • [PROMPT_INJECTION]: Exposed to indirect prompt injection through project-level data sources.
    • Ingestion points: Processes configuration from .chalk/chalk.json, package.json, and application source code via grep and glob patterns.
    • Boundary markers: No explicit delimiters or instructions are used to separate untrusted project content from agent logic.
    • Capability inventory: Has permissions for Bash execution, file Write, and network access via curl and npx.
    • Sanitization: No validation or escaping is performed on data retrieved from project files before it is used in shell commands or script templates.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 08:10 AM