visualize

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION

Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches versioning information from the author's repository at raw.githubusercontent.com/abpai/skills to check for updates.
  • [COMMAND_EXECUTION]: Instructs the agent to execute shell commands (open or xdg-open) to display generated HTML files in the user's browser.
  • [COMMAND_EXECUTION]: Provides an update path via npx skills update visualize, which executes a package from the author's environment.
  • [REMOTE_CODE_EXECUTION]: The generated visualizations load scripts from established content delivery networks including esm.sh, cdn.jsdelivr.net, and cdn.tailwindcss.com.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it transforms user-provided descriptions into executable HTML and JavaScript code.
      • Ingestion points: User descriptions of plans, code flows, or systems in SKILL.md.
      • Boundary markers: The skill lacks explicit delimiters for user content but provides developer instructions to avoid innerHTML to mitigate cross-site scripting (XSS).
      • Capability inventory: File writing to ~/.agent/diagrams/ and browser execution via open/xdg-open in SKILL.md.
      • Sanitization: Recommends avoiding innerHTML when interpolating user content into the HTML templates.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 04:21 PM