text-card-generator

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses a helper script (scripts/download-fonts.sh) to fetch various font assets from external sources including jsDelivr, Fontshare, and GitHub repositories (e.g., Google Fonts, TrionesType, and subframe7536).
  • [COMMAND_EXECUTION]: The workflow involves executing local scripts to perform its tasks:
  • scripts/download-fonts.sh downloads and organizes font files locally.
  • scripts/render-cards.mjs uses Playwright to launch a headless browser and capture screenshots of generated HTML pages.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted user data into HTML for rendering.
  • Ingestion points: User-provided content (text, topic, or URL) is collected as the primary input in SKILL.md.
  • Boundary markers: No specific delimiters or "ignore instructions" warnings are used when interpolating this content into the HTML templates.
  • Capability inventory: The skill utilizes render-cards.mjs which has the capability to write to the file system (image export) and utilize Playwright for browser-based rendering.
  • Sanitization: There is no evidence of sanitization or escaping of the user-provided text before it is inserted into the card's HTML structure.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 06:05 AM
Security Audit — agent-trust-hub — text-card-generator