content-asset-creator
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
curlcommands to interact with external APIs and utilizesnpx playwrightfor converting generated HTML files into PDF documents.\n- [EXTERNAL_DOWNLOADS]: The skill communicates with the Gamma Generate API and Vercel's v0 Platform API. It also references external assets from well-known CDNs such as Tailwind CSS and Google Fonts within its HTML templates.\n- [PROMPT_INJECTION]: Processes user-provided content which is interpolated into HTML templates or sent to external generative APIs, creating a surface for indirect prompt injection.\n - Ingestion points: Untrusted content data processed in
SKILL.md.\n - Boundary markers: None identified.\n
- Capability inventory: Subprocess execution (
npx), network requests (curl), and file system writes.\n - Sanitization: The skill description lacks specific details on sanitizing or escaping user-provided data before it is injected into templates or sent to external services.
Audit Metadata