Skills
skills/skill-zero/s/landing-page-design/Gen Agent Trust Hub

landing-page-design

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses the belt CLI to run various AI-powered applications, such as falai/flux-dev-lora for image generation and tavily/search-assistant for market research. These are standard operations for the skill's intended purpose.\n- [EXTERNAL_DOWNLOADS]: References the installation of the belt CLI tool and additional skills from the inference-sh and belt-sh GitHub organizations. These references are part of the core functionality provided by the vendor ecosystem.\n- [PROMPT_INJECTION]: The skill uses search tools to gather information from external websites, creating a surface for indirect prompt injection where untrusted content could influence agent behavior.\n
  • Ingestion points: Market research and social proof statistics retrieved from tavily/search-assistant and exa/answer (SKILL.md).\n
  • Boundary markers: No specific delimiters or instructions to ignore embedded content are used when processing search results.\n
  • Capability inventory: The agent can execute belt commands to interact with remote AI services (SKILL.md).\n
  • Sanitization: No explicit sanitization or validation of the retrieved web content is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 01:34 AM