time-svg-creator
Pass
Audited by Gen Agent Trust Hub on Jul 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized network activity detected. The skill is designed to create localized SVG and Markdown files based on specific input data.\n- [PROMPT_INJECTION]: The skill processes untrusted input data (time, timezone, and formatted fields) which is interpolated into SVG and Markdown templates. While this presents a surface for indirect prompt injection, the risk is minimal given the skill's specific purpose and localized file operations.\n- Ingestion points: Input parameters (time, timezone, formatted) defined in SKILL.md.\n- Boundary markers: None present to delimit or isolate untrusted content.\n- Capability inventory: File writing via the Write tool to the agent-teams/output/ directory as specified in SKILL.md.\n- Sanitization: No escaping, validation, or filtering of input strings is performed before interpolation.
Audit Metadata