agent-d3js-skill
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No security issues detected. The skill contains standard D3.js implementation patterns for charts, interactions, and responsive design across 27 files. Code examples follow best practices for data visualization and do not include any dangerous system calls, credential exposure, or data exfiltration logic.
- External Dependencies (LOW): The skill references the official D3.js CDN (d3js.org) for script loading and suggests standard npm installation. These are standard and trusted practices for the intended functionality.
- Indirect Prompt Injection (LOW): While the skill processes external data for visualization, it lacks any high-privilege capabilities (such as file system writing or command execution) that could be exploited via malicious data labels. The surface is restricted to client-side DOM manipulation for rendering.
Audit Metadata