static-page-stack
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends fetching project starter templates and scaffolding from a curated list of reputable external GitHub repositories and official project sites, such as those maintained by Quarto, The Pudding, and Observable HQ.
- [COMMAND_EXECUTION]: Instructions involve using standard CLI tools such as 'quarto', 'excalidraw_export', and 'tldraw-cli' to render documents and export SVG assets during the build process.
- [PROMPT_INJECTION]: The skill establishes a workflow where external templates are ingested and processed. While this constitutes an attack surface for indirect prompt injection, the recommended sources are established community projects and the instructions focus strictly on technical scaffolding.
- [SAFE]: The 'Self-Evolving Skill' instruction encourages the agent to maintain the accuracy of the technical guidance by updating the skill file with reproducible fixes, which is a standard maintenance pattern for developer-oriented agent tools.
Audit Metadata