InDesign
Pass
Audited by Gen Agent Trust Hub on May 30, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the flue Python package from PyPI (pip install flue) and references its source code on GitHub. These are vendor-owned resources from sfkislev used to provide the skill's core automation framework and require explicit user approval before installation.
- [REMOTE_CODE_EXECUTION]: The skill is designed to generate and execute ExtendScript code within the Adobe InDesign application runtime. This dynamic execution is the primary intended functionality of the bridge, allowing the agent to perform complex operations inside desktop software.
- [COMMAND_EXECUTION]: The agent uses shell commands to interact with local Python bridge scripts (e.g., indesign_bridge.py). This mechanism pipes scripts through stdin and receives results as structured JSON on stdout, following a consistent automation contract.
- [DATA_EXFILTRATION]: The skill contains a hardcoded reference to a local file path (C:\Users\fredd\.claude\skills\flue\SKILL.md). This path is used for operational guidance and finding local documentation for the Flue framework if already installed on the system.
- [PROMPT_INJECTION]: The skill processes untrusted data from desktop applications (ingestion points: InDesign documents, spreads, and text flows). While it lacks explicit boundary markers for this data, its capabilities are scoped to application-specific scripts (capability inventory: subprocess calls to indesign_bridge.py). The skill provides safety guidance emphasizing human oversight and returns structured JSON (sanitization: structured output normalization).
Audit Metadata