structured-artifact
Pass
Audited by Gen Agent Trust Hub on Jul 5, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download frontend libraries such as Tailwind CSS, Mermaid.js, and Chart.js from well-known services like jsDelivr and unpkg. This is standard practice for creating self-contained HTML artifacts.
- [COMMAND_EXECUTION]: In resources/layout-and-theme.md, the skill describes using Python's http.server and tailscale serve to preview generated content. These are legitimate development tools and the usage is clearly documented for that purpose.
- [PROMPT_INJECTION]: The skill exhibits an indirect injection surface area.
- Ingestion points: The agent is instructed to load an external file path (/information-hierarchy) to determine the structure and content of the generated pages.
- Boundary markers: There are no explicit instructions to the agent to validate or sanitize the data loaded from the hierarchy file.
- Capability inventory: The skill includes commands for network downloads (curl), file serving (python3 -m http.server), network exposure (tailscale serve), and Mermaid configuration (securityLevel: 'loose') allowing JavaScript callbacks.
- Sanitization: The provided JavaScript templates for the artifacts (e.g., in resources/card-grid.md and resources/tree-and-toc.md) use .innerHTML to render data properties directly into the DOM, creating a potential vulnerability surface if the ingested data contains malicious scripts.
Audit Metadata