gzh-design

Pass

Audited by Gen Agent Trust Hub on Jul 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the AI agent to execute local Python scripts included in the package, such as 'scripts/extract_docx.py' for Word document parsing and 'scripts/validate_gzh_html.py' for safety checks. These scripts are provided within the skill and use standard Python library modules to perform their tasks.
  • [EXTERNAL_DOWNLOADS]: Theme templates and documentation reference external image assets and placeholders from 'github.com', 'picgo.net', 'placehold.co', and 'placehold.orence.net'. These are standard services for development and documentation assets.
  • [SAFE]: The skill incorporates a robust security mechanism via its 'validate_gzh_html.py' script, which serves as a defensive gate by scanning the generated HTML for unauthorized elements like '', '', and '' tags or external fonts, ensuring the final output is sanitized before use.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 10, 2026, 01:10 AM
Security Audit — agent-trust-hub — gzh-design