brand-asset-management
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes sharp-cli via npx to convert SVG brand assets into PNG format as part of the visual identity deployment workflow.
- [EXTERNAL_DOWNLOADS]: Fetches the sharp-cli utility from the NPM registry; while from a well-known service, it introduces a remote dependency during runtime.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and processing untrusted marketplace descriptions and persona inputs.
- Ingestion points: External marketplace listings and persona focus parameters in SKILL.md.
- Boundary markers: None provided; the instructions lack delimiters to isolate untrusted user data from agent instructions.
- Capability inventory: Includes file system write access to project assets and shell command execution via npx.
- Sanitization: No explicit validation or filtering of external content is specified.
Audit Metadata