gzh-design
Pass
Audited by Gen Agent Trust Hub on Jul 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the AI agent to execute local Python scripts included in the package, such as 'scripts/extract_docx.py' for Word document parsing and 'scripts/validate_gzh_html.py' for safety checks. These scripts are provided within the skill and use standard Python library modules to perform their tasks.
- [EXTERNAL_DOWNLOADS]: Theme templates and documentation reference external image assets and placeholders from 'github.com', 'picgo.net', 'placehold.co', and 'placehold.orence.net'. These are standard services for development and documentation assets.
- [SAFE]: The skill incorporates a robust security mechanism via its 'validate_gzh_html.py' script, which serves as a defensive gate by scanning the generated HTML for unauthorized elements like '', '', and '' tags or external fonts, ensuring the final output is sanitized before use.
Audit Metadata