svg-authoring

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The instructions explicitly prohibit dangerous SVG features, including tags, external references via or , and inline Base64 data, effectively mitigating common SVG-based attack vectors like XSS and SSRF.
  • [PROMPT_INJECTION]: The skill processes untrusted external data (svg_brief), which presents a surface for indirect prompt injection. Ingestion points: The agent reads design requirements from svg_brief as described in SKILL.md. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified for the input brief. Capability inventory: The skill can write files to the local file system using the asset_save_inline_svg tool. Sanitization: Mitigation is implemented via a 'Round-trip contract' that validates the generated SVG code against a whitelist of allowed tags and properties, specifically rejecting scripts and external references.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 01:47 PM
Security Audit — agent-trust-hub — svg-authoring