landing-page-generator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The generated search functionality fetches the MiniSearch library from the JSDelivr CDN (cdn.jsdelivr.net), which is a well-known and widely used technology service for open-source delivery.\n- [PROMPT_INJECTION]: The skill processes untrusted repository documentation to generate site content, which represents a surface for indirect prompt injection.\n
- Ingestion points: The skill reads README.md, CHANGELOG.md, package.json, and documentation files within the target repository.\n
- Boundary markers: The skill does not define specific delimiters or instructional guards when extracting content from source files.\n
- Capability inventory: The skill reads local files from the project and writes a complete landing page structure to a new local directory.\n
- Sanitization: The search-base.js template includes an escapeHtml function to sanitize data rendered in the user interface.
Audit Metadata