Skills
skills/lovstudio/visual-clone-skill/lovstudio-visual-clone/Gen Agent Trust Hub

lovstudio-visual-clone

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill is entirely instruction-based and contains no executable code, Python scripts, or automated tools, as confirmed in the SKILL.md manifest.
  • [EXTERNAL_DOWNLOADS]: The README.md outlines an installation process using the npx lovstudio command. This facilitates the download and activation of the skill through the vendor's official infrastructure.
  • [PROMPT_INJECTION]: The skill ingests external design images, which serves as a potential surface for indirect prompt injection. The skill's limited output scope (markdown reports) and lack of executable capabilities mitigate this risk.
  • Ingestion points: User-provided reference images (SKILL.md, Step 1).
  • Boundary markers: Not explicitly defined in the prompt instructions.
  • Capability inventory: Restricted to natural language visual analysis and text generation; no system-level or network capabilities are invoked.
  • Sanitization: No sanitization of image metadata or pixel data is specified.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 05:01 AM