html-tools
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and downloads libraries from well-known and trusted CDN services including cdnjs.cloudflare.com and cdn.jsdelivr.net.\n- [REMOTE_CODE_EXECUTION]: Provides implementation patterns for running WebAssembly-based environments like Pyodide (Python) and Tesseract.js (OCR) loaded from official CDN mirrors.\n- [PROMPT_INJECTION]: The skill enables the processing of untrusted data from various browser-based ingestion points, creating a surface for indirect prompt injection.\n
- Ingestion points: Data is received via the clipboard (paste events), local files (FileReader), and URL parameters (URLSearchParams) as described in references/patterns.md.\n
- Boundary markers: The provided templates do not include specific delimiters or instructions to ignore embedded commands in the processed data.\n
- Capability inventory: The resulting tools can perform network operations using fetch() and persist data in localStorage.\n
- Sanitization: Examples demonstrate the use of textContent for safe UI updates, though the skill does not mandate a specific sanitization library for complex data rendering.
Audit Metadata