typography-audit
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is composed of Markdown files that provide rules and examples for web typography (e.g., punctuation, font selection, and spacing). No executable scripts (.py, .js, .sh), configuration files for package managers (package.json, requirements.txt), or compiled binaries were found.
- [SAFE]: There are no network-active patterns, such as data exfiltration or remote script downloads. All URL references point to well-known typography documentation, font foundries, or official services like Google Fonts and Adobe Fonts.
- [SAFE]: No obfuscation (e.g., Base64, zero-width characters), privilege escalation attempts, or persistence mechanisms were detected. The skill's operations are limited to reading its own rule files and auditing user-provided text.
- [SAFE]: Although the skill is designed to process untrusted data (user-provided CSS and HTML), it does not utilize any high-risk tools such as subprocess execution, network requests, or file-writing capabilities. Consequently, the risk from indirect prompt injection is negligible as any potential malicious instructions in the audited data would have no exploitable path within the skill's capabilities.
Audit Metadata