deneb-visuals

Warn

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill includes a 'Repository Index' and 'How to Fetch' guide in references/community-examples.md pointing to multiple third-party GitHub accounts (e.g., avatorl, clemviz, shadfrigui) for downloading Deneb templates. These external sources are not part of a verified trust chain. Additionally, a shortened URL (bit.ly/VickyVega) is provided for an AI tool.
  • [COMMAND_EXECUTION]: The workflow in SKILL.md requires the use of shell commands such as jq for validating JSON structure and the pbir command-line utility for report modifications.
  • [REMOTE_CODE_EXECUTION]: The instructions in SKILL.md recommend installing the pbir-cli utility using pip or uv, which involves the installation and subsequent execution of code from public registries.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from various community repositories. While visualization specs are declarative, they are fetched from external sources and integrated into report files using local tooling, creating a potential attack surface for indirect prompt injection via compromised content.
      • Ingestion points: references/community-examples.md (Raw GitHub URLs for templates)
      • Boundary markers: None identified in the workflow
      • Capability inventory: jq, pbir CLI commands used for file validation and report modification
      • Sanitization: 'jq empty' is used for basic syntax validation
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 25, 2026, 01:34 AM