ljg-card
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by processing untrusted data from external URLs and user-provided text.
  * Ingestion points: `references/mode-infograph.md` (Step 2) and `SKILL.md` describe fetching content from URLs and files.
  * Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the processed data.
  * Capability inventory: The skill uses `assets/capture.js` to execute a Playwright-controlled Chromium browser to render content.
  * Sanitization: There is no evidence of sanitization or escaping of the content before it is interpolated into HTML templates (e.g., `{{BODY_HTML}}`).
- [COMMAND_EXECUTION]: The skill relies on the execution of local Node.js scripts to perform its core functions.
  * Evidence: `SKILL.md` and associated mode documents provide instructions to execute `node ~/.claude/skills/ljg-card/assets/capture.js` to generate the PNG output.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the Playwright library and its associated browser binaries from the NPM registry.
  * Evidence: `package.json` includes `playwright` as a dependency, and `SKILL.md` provides setup commands using `npm` and `npx`.
Audit Metadata