Skills
skills/nexu-io/open-design/image-to-code/Gen Agent Trust Hub

image-to-code

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill instructions and configuration do not contain any patterns associated with malicious activity.
  • [COMMAND_EXECUTION]: No unauthorized or dangerous shell commands or subprocess calls were identified. The skill generates frontend code (HTML/CSS) which is standard for web development tasks.
  • [DATA_EXFILTRATION]: No network requests to non-whitelisted domains or access to sensitive file paths (e.g., credentials, SSH keys) were detected.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided or generated visual data (images) and extracts text/structure from them. While this is an inherent surface for indirect prompt injection, the skill does not exhibit any specific malicious intent, and this behavior is core to its functional purpose. Mitigation involves standard platform-level safety filters for visual processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:29 AM
Security Audit — agent-trust-hub — image-to-code