oneshot-websites
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/test_skill.py uses the subprocess module to run internal validation and index-building scripts. This is a standard and safe practice for providing a verification suite within a skill package, as the commands are limited to the skill's own local scripts.
- [PROMPT_INJECTION]: The skill features a prompt generation pipeline that incorporates user-provided style briefs into templates. While this is identified as an indirect prompt injection surface, it is a functional requirement for a generative tool and poses no risk to the executing environment.
- Ingestion points: User-defined style briefs or custom style families are interpolated into templates/PROMPT.md and templates/variant-brief.md via variable placeholders.
- Boundary markers: The templates do not utilize specific delimiters to isolate user-provided briefs from the system instructions.
- Capability inventory: The skill has capabilities to write static files (HTML, Markdown, JSON) to the local file system and execute internal Python scripts.
- Sanitization: There is no explicit sanitization of the input text before interpolation into the prompt templates.
Audit Metadata