explain-visually
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external data (repositories, specifications, and PRs) to generate HTML artifacts. This creates a surface for indirect prompt injection where malicious instructions embedded in the source material could influence the agent's behavior.
- Ingestion points:
SKILL.md(Workflow Step 1: "Read the source material") specifies reading external data provided in arguments. - Boundary markers: Absent. The instructions do not provide delimiters or specific warnings for the agent to ignore instructions found within the source material.
- Capability inventory: The agent is instructed to generate responsive HTML, CSS (Tailwind), and SVG content, and run local verification tools.
- Sanitization: Absent. There is no explicit requirement to sanitize or escape content from the external sources before including it in the generated HTML artifact.
- [COMMAND_EXECUTION]: The workflow requires the execution of a verification command to check the generated artifact.
- Evidence:
SKILL.md(Workflow Step 4) instructs the agent to "Runbrowser-verifybefore finishing." - [EXTERNAL_DOWNLOADS]: The skill references external resources from well-known services to styling the generated HTML.
- Evidence:
SKILL.md(Build Step 3) specifies using "Tailwind CSS via CDN for layout and responsive behavior."
Audit Metadata