svg-art
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No security issues were detected. The skill provides legitimate utility scripts for vector graphics generation.
- External Dependencies (SAFE): All scripts exclusively use Python's standard library (argparse, math, sys, re). No untrusted external packages or remote downloads were found.
- Data Privacy (SAFE): No sensitive file access or network exfiltration patterns were detected. The scripts only read and write SVG data as explicitly directed by CLI arguments.
- Dynamic Execution (SAFE): No instances of eval(), exec(), or subprocess execution were found. The logic is purely computational and string-based SVG construction.
- Indirect Prompt Injection (LOW): While the optimizer script processes external SVG files, it uses static regular expressions for minification and does not interpret or execute instructions embedded in the data. There are no exploitable capability chains.
Audit Metadata