tufte-report

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides and instructs the user to run a local Python script (scripts/serve.py) to host a development server for previewing generated reports. The script implements a standard HTTP server and a minimal WebSocket server on localhost:8042 to provide live-reloading functionality.
  • [EXTERNAL_DOWNLOADS]: The generated HTML reports are configured to fetch resources from well-known and reputable CDNs. This includes loading the EB Garamond font from fonts.googleapis.com and the Monaspace Argon font and Chart.js library from cdn.jsdelivr.net.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its core function of ingesting and visualizing untrusted external data.
      • Ingestion points: Data is ingested from user-provided CSV, JSON, and SQLite sources as described in SKILL.md and references/data-adapter.md.
      • Boundary markers: There are no specified delimiters around the ingested data, and no instruction to the agent to ignore instruction-like text embedded in data values.
      • Capability inventory: The skill generates standalone HTML files containing executable JavaScript (Chart.js and scroll animations) and includes a script to serve these files on the local machine.
      • Sanitization: The data adapter instructions include no step for sanitizing, escaping, or validating input values, so a value containing HTML markup or script lands verbatim in the generated report and executes when it is opened or served, i.e. Cross-Site Scripting (XSS) via the data source.
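The sanitization gap above is easiest to see in code. The following is an added example written for this audit page, not the tufte-report skill's own data adapter: it parses a constructed CSV in which one label carries a script payload, renders it the way an adapter without escaping would, and then renders it with HTML escaping for markup and `\uXXXX`-escaped JSON for the inline Chart.js configuration. The helper names, the template, and the sample rows are assumptions; only the CDN URL comes from the report.

```python
"""Added example for the tufte-report audit: escaping untrusted data values
before they are embedded in a generated HTML report.

Illustrative code only; not the skill's data adapter. Function names and the
sample CSV are assumptions made for this example.
"""
import csv
import html
import io
import json

# Constructed sample input. The second label is a payload that closes the
# inline <script> block and injects its own script plus an <img onerror>.
SAMPLE_CSV = (
    "label,value\n"
    "q1,10\n"
    '"</script><script>alert(1)</script><img src=x onerror=alert(2)>",20\n'
)


def load_rows(csv_text):
    """Parse CSV text into a list of dicts (the ingestion point)."""
    return list(csv.DictReader(io.StringIO(csv_text)))


def wrap(table_rows, labels_json, values_json):
    """Minimal report skeleton: a table plus an inline Chart.js config."""
    return (
        "<!doctype html><table>" + table_rows + "</table>\n"
        '<canvas id="c"></canvas>\n'
        '<script src="https://cdn.jsdelivr.net/npm/chart.js"></script>\n'
        "<script>new Chart(document.getElementById('c'), {type: 'bar', "
        "data: {labels: " + labels_json + ", datasets: [{data: "
        + values_json + "}]}});</script>"
    )


def render_unsafe(rows):
    """What an adapter without escaping produces: values are concatenated
    into markup verbatim, and json.dumps leaves '</script>' intact, which
    the HTML parser treats as the end of the inline script block."""
    table = "".join(
        f"<tr><td>{r['label']}</td><td>{r['value']}</td></tr>" for r in rows
    )
    labels = json.dumps([r["label"] for r in rows])
    values = json.dumps([float(r["value"]) for r in rows])
    return wrap(table, labels, values)


def safe_json_for_script(value):
    """JSON that is safe to embed inside a <script> element: '<', '>' and
    '&' are emitted as JSON \\u escapes so the serialized text can never
    contain '</script>' or '<!--'. JavaScript decodes the escapes normally."""
    return (
        json.dumps(value)
        .replace("<", "\\u003c")
        .replace(">", "\\u003e")
        .replace("&", "\\u0026")
    )


def render_escaped(rows):
    """Hardened rendering: html.escape for text nodes, escaped JSON for the
    chart config. The payload is displayed as text and charted as a label,
    but never parsed as markup or script."""
    table = "".join(
        f"<tr><td>{html.escape(r['label'])}</td>"
        f"<td>{html.escape(r['value'])}</td></tr>"
        for r in rows
    )
    labels = safe_json_for_script([r["label"] for r in rows])
    values = safe_json_for_script([float(r["value"]) for r in rows])
    return wrap(table, labels, values)


def script_tag_count(document):
    """Audit check: a report built from this template should open exactly
    two <script> elements (the CDN include and the inline config). Any
    extra one was injected through the data."""
    return document.count("<script")


if __name__ == "__main__":
    rows = load_rows(SAMPLE_CSV)
    print("unsafe  :", script_tag_count(render_unsafe(rows)), "script tags")
    print("escaped :", script_tag_count(render_escaped(rows)), "script tags")
```

The `script_tag_count` check is the kind of post-generation assertion a data adapter can run on its own output: the template fixes how many `<script>` elements a report should contain, so any surplus is attacker-controlled.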
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 02:08 PM