check-svg
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's functionality is limited to scanning project files for SVG tags and suggesting refactoring steps into a dedicated icons directory. It does not perform network operations, access sensitive credentials, or execute arbitrary code.
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to use regular expressions to find content within the project. This is a standard file-processing operation for developer tools and does not involve executing dangerous system commands.
- [DATA_EXPOSURE]: While the skill reads project source code to perform its tasks, it does not target sensitive system files (e.g., .ssh, .env) or attempt to exfiltrate data to external sources.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data by scanning project files. Although this presents a surface where a malicious file could contain instructions disguised as code, there is no evidence of logic that would cause the agent to execute such instructions or bypass safety guardrails.
Audit Metadata