infographic-creator
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill loads the AntV Infographic visualization library from the well-known unpkg.com content delivery network.
- [COMMAND_EXECUTION]: The skill utilizes a file-writing tool to save generated HTML documents to the local file system.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it takes untrusted user input and interpolates it directly into a script context within a generated HTML file.
  - Ingestion points: User-provided text content used to generate the infographic (SKILL.md).
  - Boundary markers: Data is structured into template blocks (data, theme), but no specific delimiters are used to prevent script breakout in the HTML template.
  - Capability inventory: Uses the Write tool to create and save files locally.
  - Sanitization: There are no instructions provided to the agent to escape backticks or HTML tags in user content before rendering.
Audit Metadata