svg-authoring
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The instructions explicitly prohibit dangerous SVG features, including tags, external references via or , and inline Base64 data, effectively mitigating common SVG-based attack vectors like XSS and SSRF.
- [PROMPT_INJECTION]: The skill processes untrusted external data (svg_brief), which presents a surface for indirect prompt injection. Ingestion points: The agent reads design requirements from svg_brief as described in SKILL.md. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified for the input brief. Capability inventory: The skill can write files to the local file system using the asset_save_inline_svg tool. Sanitization: Mitigation is implemented via a 'Round-trip contract' that validates the generated SVG code against a whitelist of allowed tags and properties, specifically rejecting scripts and external references.
Audit Metadata