web-asset-generator
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill runs local Python scripts with user-supplied arguments, creating a potential surface for command injection if inputs are not properly escaped by the executing agent.
- [EXTERNAL_DOWNLOADS]: The skill involves installing standard Python libraries like Pillow, pilmoji, and emoji from the public PyPI repository.
- [PROMPT_INJECTION]: The skill handles untrusted user data that could be used for indirect prompt injection.
- Ingestion points: User-provided text slogans and project descriptions passed to scripts.
- Boundary markers: No delimiters are specified to isolate user input within the agent's context.
- Capability inventory: The agent can execute shell commands and modify local project files such as layout.tsx and index.html.
- Sanitization: No explicit input validation or sanitization is described in the skill's instructions.
Audit Metadata