svg-inline
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The instructions involve the use of standard command-line tools such as
npx svgoandwc -cto optimize SVG markup and verify file size reductions in a development environment.\n- [EXTERNAL_DOWNLOADS]: The skill references the execution of thesvgopackage from the npm registry vianpx, which is a standard and well-known service for frontend tooling.\n- [PROMPT_INJECTION]: The skill is designed to scan user-provided code (HTML, React, Vue components), which creates a surface for indirect prompt injection.\n - Ingestion points: Source code files identified for audit in
SKILL.mdandreferences/rule.md.\n - Boundary markers: No specific delimiters or instructions to ignore embedded content are defined.\n
- Capability inventory: The agent is instructed to perform file system reads and execute shell commands (
npx,wc).\n - Sanitization: No specific sanitization or validation of the processed code files is described before analysis.
Audit Metadata