d3js-visualization
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill serves as an educational resource for the D3.js library and does not contain executable malicious code.
- [SAFE]: No unauthorized network activity or sensitive data access patterns were found.
- [PROMPT_INJECTION]: The skill includes code patterns that present an indirect prompt injection surface. Specifically, the tooltip implementation in SKILL.md uses .html() to render data, which can be exploited if the data contains malicious scripts. Ingestion points: Data passed to createBarChart, createLineChart, and createPieChart in SKILL.md. Boundary markers: Not present in code templates. Capability inventory: DOM manipulation and event handling via D3. Sanitization: Not implemented in the provided examples.
Audit Metadata