card-xiaohongshu

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No attempts to bypass safety filters, override agent instructions, or extract system prompts were detected. The instructions are focused solely on the layout, typography, and aesthetic parameters of the knowledge cards.
  • [EXTERNAL_DOWNLOADS]: The HTML template references the Tailwind CSS library and Google Fonts. These are hosted on well-known, official content delivery networks (cdn.tailwindcss.com and fonts.googleapis.com) and are used for styling purposes.
  • [DATA_EXPOSURE]: No access to sensitive local files, environment variables, or hardcoded credentials was found. The use of placeholders like '@HTMLAnything' for watermarks is a standard design practice.
  • [INDIRECT_PROMPT_INJECTION]: The skill acts as a template that ingests user-provided text to populate HTML cards. While this creates a potential surface for indirect injection, ingesting user text is the skill's primary intended function.
    ◦ Ingestion points: User content determines the number of cards and the text content within each card, as defined in SKILL.md.
    ◦ Boundary markers: Absent; the instructions do not specify delimiters (e.g., XML tags or triple quotes) to separate user data from the template logic.
    ◦ Capability inventory: The skill is restricted to generating HTML, CSS, and Markdown content for visual presentation.
    ◦ Sanitization: No explicit instructions for sanitizing or escaping HTML special characters in the user input are provided.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 14, 2026, 11:43 AM
Security Audit — agent-trust-hub — card-xiaohongshu