ljg-present
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate file and web operations (reading content and writing an HTML document) to fulfill its stated purpose of presentation generation.
- [SAFE]: The HTML template includes an escapeHtml function that sanitizes content before rendering, effectively preventing Cross-Site Scripting (XSS) attacks from potentially malicious input text.
- [SAFE]: The skill processes external data from URLs or files, presenting a surface for indirect prompt injection. However, the distillation instructions require the agent to reduce text to keywords, which naturally sanitizes the content. Ingestion points: WebFetch for URLs and Read for file paths (SKILL.md). Boundary markers: None specified. Capability inventory: Read, WebFetch, and File Write (SKILL.md). Sanitization: Distillation process filters content; output uses escapeHtml.
Audit Metadata