infographic-structure-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill ingests data from local files like references/structure-prompt.md to guide code generation. While this is an indirect prompt injection surface, it is a standard design for context-aware coding tools and is considered safe due to the lack of dangerous capabilities like network access or automated command execution.
- [Data Exposure] (SAFE): The skill scans local source directories (src/designs/structures) to match existing patterns. This file system access is restricted to the project codebase and does not target sensitive system locations or user credentials.
- [Dynamic Execution] (SAFE): The skill generates TypeScript code but does not include mechanisms for its immediate execution within the skill's own environment.
Audit Metadata