chart-craft

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as mkdir -p to create temporary directories, cd for navigation, and open to launch the generated HTML files in a browser for user preview.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx getdesign@latest to fetch the getdesign package from the NPM registry during the style selection workflow. This introduces a runtime dependency on external code.
  • [REMOTE_CODE_EXECUTION]: The execution of npx getdesign involves downloading and running code from a remote source (NPM) on the local environment to process brand design tokens.
  • [PROMPT_INJECTION]: The skill processes user-provided chart descriptions and interpolates them directly into HTML templates, creating a surface for indirect injection.
      • Ingestion points: User-supplied descriptions and chart data in the 'Step 2: 收集内容' workflow within SKILL.md.
      • Boundary markers: None identified to separate user data from the HTML/CSS structure.
      • Capability inventory: Shell command execution (npx, mkdir, open) and local file system write access.
      • Sanitization: There are no instructions for sanitizing or escaping user input before it is embedded into the generated HTML files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 11:34 AM