Skills
skills/hoangvantuan/claude-plugin/style-dna/Gen Agent Trust Hub

style-dna

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Read, Glob, and Write tools to access the local file system. It reads text files from user-specified paths or folders and writes generated style guides to a style-guides/ directory.
  • [EXTERNAL_DOWNLOADS]: The skill fetches article content from external sources such as Substack or blogs using WebFetch and a referenced tool named substack-tools (which includes substack_crawl.py).
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted text from external files and URLs. Ingestion points occur in SKILL.md (Workflow Step 1). While the skill separates articles using --- delimiters, it lacks specific instructions to ignore potential instructions embedded within the corpus. The agent's capabilities include file-system write access and network fetching, and no specific sanitization or filtering of the ingested content is defined.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 04:31 PM