logo-designer
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill analyzes untrusted project files to determine design context, which creates a surface for indirect prompt injection.\n
- Ingestion points: Reads content from README.md, package.json, pyproject.toml, Cargo.toml, go.mod, and other project-related documents to extract brand identity.\n
- Boundary markers: The instructions do not define delimiters or warn the agent to ignore instructions embedded within the analyzed project files.\n
- Capability inventory: The skill's capabilities are restricted to reading project files and writing SVG assets to the /assets/logo/ directory. It does not have access to the network or the ability to execute shell commands, which limits the risk of an injection attack.\n
- Sanitization: There is no mention of sanitizing or validating the content ingested from the project files before it is processed or used to generate outputs.\n- [SAFE]: No high-severity issues such as hardcoded credentials, remote code execution, persistence mechanisms, or unauthorized data exfiltration were detected. The file access is restricted to standard project metadata and documentation.
Audit Metadata