gsp-logo
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs authorized file operations within the project directory to support logo design tasks. It reads brand context files and writes logo directions to specific project paths, which is consistent with its stated purpose.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes external project files. 1. Ingestion points: {BRAND_PATH}/BRIEF.md, {BRAND_PATH}/strategy/archetype.md, and other brand identity files. 2. Boundary markers: None specified for the ingested content. 3. Capability inventory: Read, Write, Glob, Grep, WebSearch. 4. Sanitization: No explicit content filtering or escaping is implemented. The finding is classified as safe because the skill's operations are limited to design-related content generation within a local workspace.
Audit Metadata