chart-designer
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): A comprehensive audit of the skill's code and instructions confirms the absence of malicious patterns. The skill performs legitimate operations related to chart styling and figure management.
- INDIRECT_PROMPT_INJECTION (SAFE): The skill ingests data from a manifest.json file to determine colors and fonts, representing a minor ingestion surface. Evidence: 1. Ingestion points: assets/manifest.json; 2. Boundary markers: Absent; 3. Capability inventory: matplotlib plotting and file writing (PNG/SVG); 4. Sanitization: Uses default values and defensive JSON loading. The risk is negligible as the data is used solely for visual parameters.
Audit Metadata