trmnl-paper-blade
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill includes a local Python script
scripts/validate_markup.pyfor validating the generated Blade markup. The script uses standard libraries (re,argparse,pathlib) and performs static analysis without network access or sensitive file operations. - [SAFE]: All external URLs and script references (e.g., in
references/components/chart.md) point totrmnl.com, the official domain for the hardware platform this skill supports. These are legitimate resources required for rendering charts and UI elements. - [SAFE]: The skill processes user input (content briefs and descriptions) to generate markup. While this creates a surface for indirect prompt injection, the skill lacks dangerous capabilities (like file writes or network exfiltration) that would be needed to exploit such an injection.
- [SAFE]: No obfuscation, hidden commands, or privilege escalation patterns were detected in the instructions or the accompanying documentation.
Audit Metadata