svg-illustration
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill consists of static documentation and SVG templates for slide deck creation. It does not contain any executable scripts, binary files, or suspicious network activities. All local references follow standard project structures associated with the author narumiruna.
- [EXTERNAL_DOWNLOADS]: The documentation in 'references/troubleshooting.md' recommends installing 'svglint', which is a standard, open-source utility for SVG validation available via the npm registry. This is a common tool used by developers to ensure the quality of vector assets.
- [PROMPT_INJECTION]: The skill addresses potential indirect prompt injection risks by providing specific instructions in 'references/troubleshooting.md' on how to escape XML entities (e.g., converting '&' to '&'). Ingestion points: The skill guides the creation of SVG text elements in 'references/core-rules.md' and 'references/output-examples.md'. Boundary markers: The skill relies on SVG XML structure. Capability inventory: There are no scripts with dangerous capabilities such as subprocess execution or file system modification. Sanitization: The documentation explicitly provides a guide for character escaping.
Audit Metadata