baoyu-infographic
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of Markdown documentation and templates. There are no scripts (Python, JavaScript, Shell), configuration files for package managers (package.json, requirements.txt), or binary executables.
- [Prompt Injection] (SAFE): No instructions were found that attempt to override agent safety filters or bypass system constraints. The instructions focus on content analysis and visual design principles.
- [Data Exposure & Exfiltration] (SAFE): There are no commands for network access (curl, wget) or file system operations that target sensitive user data. All data mentioned are visual hex codes or design parameters.
- [Indirect Prompt Injection] (LOW): The analysis framework requires the agent to extract data 'verbatim' from source material. This creates a surface where malicious text in the input could be mirrored into the output report. However, because the skill has no 'write' or 'execute' capabilities, this represents a low-impact risk limited to the integrity of the generated infographic content.
- [Obfuscation] (SAFE): Thorough scanning for Base64 strings, zero-width characters, and homoglyphs yielded no results.
Audit Metadata