landing-page
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to generate a static HTML file from user-provided details. No malicious behaviors, obfuscation, or persistence mechanisms were detected.
- [EXTERNAL_DOWNLOADS]: The generated landing page includes a script tag referencing
https://cdn.tailwindcss.com. This is a well-known, trusted service for providing the Tailwind CSS framework via CDN and is documented here for transparency. - [PROMPT_INJECTION]: The skill facilitates the creation of content using untrusted user input, which constitutes a surface for indirect prompt injection.
- Ingestion points: User-provided fields in the 'Gather the Brief' section (e.g., Business name, Value proposition).
- Boundary markers: None used; the input is directly interpolated into the HTML template.
- Capability inventory: The skill uses
WriteandEdittools to save the generated code to the local file system. - Sanitization: There are no instructions for the agent to sanitize or escape user input before generating the HTML file, which is a standard design pattern for this specific use case.
Audit Metadata