Skills
skills/freekmurze/dotfiles/code-snippet-images/Gen Agent Trust Hub

code-snippet-images

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a shell script scripts/render.sh to execute google-chrome for image generation. The command is run with the --no-sandbox flag, which disables the browser's primary security sandbox and increases the risk of system compromise if a browser-based exploit is triggered.
  • [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection. It interpolates unvalidated content, such as code snippets and filenames, directly into HTML templates which are subsequently rendered by a headless browser.
  • Ingestion points: Untrusted data is injected into <!-- FILENAME --> and <!-- CODE CONTENT --> placeholders in assets/template.html and assets/grid-2x2.html.
  • Boundary markers: No markers are used to delimit or sanitize the injected content.
  • Capability inventory: The rendered content is processed by google-chrome via scripts/render.sh, which can execute JavaScript and, with the sandbox disabled, may interact with the host system.
  • Sanitization: There is no evidence of HTML escaping or validation of the input strings before they are placed in the templates.
  • [EXTERNAL_DOWNLOADS]: The skill's HTML templates fetch font resources from Google Fonts (fonts.googleapis.com).
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 02:40 AM