liatrio-brand-guidelines
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads brand configuration and image assets from the vendor's official domain (liatrio.com). These downloads are necessary for the skill's primary function of applying brand guidelines.\n- [COMMAND_EXECUTION]: The skill uses local bash scripts to fetch and manage brand assets. These scripts use curl and jq to process structured data from the vendor.\n- [PROMPT_INJECTION]: Indirect prompt injection surface identified through external data ingestion.\n
- Ingestion points: External brand data is fetched from https://www.liatrio.com/brand-data.json via scripts/fetch-brand-data.sh and scripts/download-brand-assets.sh.\n
- Boundary markers: None. The skill lacks explicit markers or instructions for the agent to ignore potential commands embedded in the fetched brand data.\n
- Capability inventory: The skill can execute shell scripts (fetch-brand-data.sh, download-brand-assets.sh) and perform network operations via curl.\n
- Sanitization: Filenames are sanitized using the basename command to prevent path traversal during asset downloads, but the JSON content itself is not sanitized for natural language instructions.
Audit Metadata