newsletter-visuals

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
NO_CODE
Full Analysis
  • [NO_CODE]: The skill consists entirely of markdown instructions and reference files. It does not include any scripts, binaries, or executable code that could perform unauthorized actions on the host system.
  • [PROMPT_INJECTION]: The skill processes untrusted data (newsletter drafts) to generate image prompts, which represents an indirect prompt injection surface. However, this is mitigated by a mandatory human-in-the-loop workflow requiring the user to approve a 'Visual Brief' before any generation occurs (Step 4).
  • [COMMAND_EXECUTION]: The skill does not perform any shell command execution or subprocess spawning. All operations are handled via designated internal tools (e.g., art:nanobanana).
  • [DATA_EXFILTRATION]: No network operations or external data transfer patterns were detected. File access is limited to reading design systems and reference materials in standard configuration paths.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 01:32 AM