Skills
skills/jubscodes/get-shit-pretty/gsp-art/Gen Agent Trust Hub

gsp-art

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute node -e commands. This is used to render and verify the visual alignment and color of agent-generated ASCII/Unicode art snippets.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection (Category 8) because it ingests untrusted user input to guide the generation of content that is then executed.
  • Ingestion points: User input for art subject, mood, and size is gathered via AskUserQuestion in SKILL.md.
  • Boundary markers: Absent. There are no instructions or delimiters provided to ensure that user-provided concepts do not escape the intended string context during art generation.
  • Capability inventory: The skill has the Bash tool allowed and uses it to execute arbitrary strings via node -e.
  • Sanitization: Absent. The process does not include steps to sanitize or escape user-provided strings before they are incorporated into the executable art templates.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 04:01 AM