Skills
skills/shipshitdev/library/html-style/Gen Agent Trust Hub

html-style

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted HTML data provided by the user to apply styling. While the skill lacks dangerous capabilities such as network access, file system operations, or command execution, instructions embedded within the processed HTML could attempt to influence the agent's behavior.
  • Ingestion points: User-provided HTML (SKILL.md)
  • Boundary markers: Absent; there are no instructions to the agent to ignore or delimit instructions found within the input HTML.
  • Capability inventory: None; across SKILL.md and assets/base.css, the skill only generates CSS and client-side JavaScript for the user's browser.
  • Sanitization: Absent; the skill does not mention validation or escaping of the input HTML.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 07:31 AM