explain-visually

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external data (repositories, specifications, and PRs) to generate HTML artifacts. This creates a surface for indirect prompt injection where malicious instructions embedded in the source material could influence the agent's behavior.
  • Ingestion points: SKILL.md (Workflow Step 1: "Read the source material") specifies reading external data provided in arguments.
  • Boundary markers: Absent. The instructions do not provide delimiters or specific warnings for the agent to ignore instructions found within the source material.
  • Capability inventory: The agent is instructed to generate responsive HTML, CSS (Tailwind), and SVG content, and run local verification tools.
  • Sanitization: Absent. There is no explicit requirement to sanitize or escape content from the external sources before including it in the generated HTML artifact.
  • [COMMAND_EXECUTION]: The workflow requires the execution of a verification command to check the generated artifact.
  • Evidence: SKILL.md (Workflow Step 4) instructs the agent to "Run browser-verify before finishing."
  • [EXTERNAL_DOWNLOADS]: The skill references external resources from well-known services to styling the generated HTML.
  • Evidence: SKILL.md (Build Step 3) specifies using "Tailwind CSS via CDN for layout and responsive behavior."
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 08:29 AM
Security Audit — agent-trust-hub — explain-visually