svg-icon-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): Analysis of the skill's structure reveals an exploitable surface for indirect prompt injection. Ingestion points: The skill processes user-supplied requests and data via the 'Read' tool as specified in the allowed-tools metadata. Boundary markers: There are no delimiters or 'ignore' instructions to prevent the agent from executing commands found within input data. Capability inventory: The skill is granted 'Bash', 'Write', and 'Edit' capabilities, which could be exploited if malicious instructions are processed. Sanitization: No input validation or sanitization mechanisms are described in the skill definition.
Audit Metadata