The Agent Skills Directory

[SAFE]: No security issues were detected. The skill is well-structured and includes explicit security measures to prevent XSS and script injection in its output artifacts.
[COMMAND_EXECUTION]: The skill provides a CLI utility (scripts/build.py) for processing JSON specifications and writing HTML files. These operations are limited to the intended functionality of generating reports and presentations.
[INDIRECT_PROMPT_INJECTION]: The skill processes JSON data to populate HTML templates. It correctly identifies and mitigates potential injection risks by using a centralized esc() helper based on html.escape and including automated security regression tests in tests/test_smoke.py.

composing-html