code-quality-checks
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Installs standard web development tools including htmlhint, csslint, linkinator, and @axe-core/cli from the official NPM registry.
- [COMMAND_EXECUTION]: Uses shell commands to manage global package installations and execute validation tools against project files.
- [COMMAND_EXECUTION]: Spawns a local background process using Python's built-in HTTP server to facilitate link checking of static assets.
- [PROMPT_INJECTION]: The skill processes external content from local files (*.html, styles.css) and a remote website (https://riksdagsmonitor.com), providing an indirect prompt injection surface. Evidence:
  1. Ingestion points: Local HTML/CSS files and remote website content.
  2. Boundary markers: Absent.
  3. Capability inventory: Execution of subprocesses (npm, python3, htmlhint, csslint, linkinator, axe).
  4. Sanitization: Absent.

  This represents a potential vulnerability surface where malicious instructions embedded in processed data could attempt to influence the agent, though no active exploitation is found in the skill code.