Skills
skills/nexu-io/open-design/after-hours-editorial-template/Gen Agent Trust Hub

after-hours-editorial-template

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill includes a surface for indirect prompt injection by reading styling data from an external DESIGN.md file. This is a standard functional pattern for design templates and is managed within the artifact generation workflow.\n
  • Ingestion points: DESIGN.md is read to map colors and typography into CSS variables.\n
  • Boundary markers: None specified in the workflow instructions to separate untrusted data from instructions.\n
  • Capability inventory: The skill has the file_write capability to create the final index.html artifact.\n
  • Sanitization: No explicit sanitization or validation of the contents of the design file is described.\n- [EXTERNAL_DOWNLOADS]: The template fetches the GSAP animation library from the jsDelivr CDN and typography from Google Fonts. Both are well-known and trusted technology services for web development and do not pose a security risk in this context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 11:02 AM