learning-material

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches fonts from Google Fonts and JavaScript libraries (Mermaid, ECharts, highlight.js, KaTeX, AOS) from the jsDelivr CDN. These are well-known technology services and the usage is clearly documented in the reference files.
  • [DYNAMIC_EXECUTION]: Produces standalone HTML files that include JavaScript for rendering diagrams, charts, and equations. The skill enforces conditional loading, ensuring scripts are only added when the content requires them, which minimizes the attack surface.
  • [INDIRECT_PROMPT_INJECTION]: Processes research data into the generated HTML. While this provides a surface for content injection, the skill includes recommended configurations such as strict security levels for the Mermaid diagramming library to mitigate potential risks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 06:28 AM
Security Audit — agent-trust-hub — learning-material