infographic-item-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process data from local repository files which could potentially contain malicious instructions if the repository is compromised.
- Ingestion points: The skill reads from references/item-prompt.md and scans the src/designs/items directory.
- Boundary markers: There are no explicit instructions or delimiters defined to prevent the model from following instructions embedded within the processed reference files.
- Capability inventory: The skill is capable of reading repository files and generating/writing new TypeScript and TSX code.
- Sanitization: There is no evidence of input validation or sanitization for the content retrieved from the files.
Audit Metadata