Skills
skills/wentorai/research-plugins/json-data-visualizer/Gen Agent Trust Hub

json-data-visualizer

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides setup instructions for cloning the JSON Crack repository and executing commands such as npm install, npm run dev, and docker run to deploy the tool locally.
  • [EXTERNAL_DOWNLOADS]: It references the official GitHub repository and the legitimate jsoncrack-react package on NPM for tool installation and integration.
  • [PROMPT_INJECTION]: As the tool is designed to visualize data from external sources like API responses (e.g., CrossRef), it inherently possesses an indirect prompt injection surface; however, this is a standard risk for data processing tools.
  • [SAFE]: No malicious patterns, such as hardcoded credentials, exfiltration commands, or obfuscated content, were detected. The skill functions as a legitimate documentation resource.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 03:11 PM
Security Audit — agent-trust-hub — json-data-visualizer