live-dashboard

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill generates executable HTML and JavaScript code but mitigates risks by including a dedicated sanitization function e() to escape HTML special characters before rendering dynamic data, protecting against cross-site scripting (XSS) and indirect prompt injection.
  • [SAFE]: Authentication tokens and integration secrets are handled via a local daemon proxy (/api/od/connectors/poll) and resolved server-side, preventing credential exposure within the generated artifact.
  • [SAFE]: The skill uses the file_write capability appropriately to create dashboard and configuration files within the project workspace, with no evidence of unauthorized file system access or persistence mechanisms.
  • [SAFE]: No obfuscation, metadata poisoning, or unauthorized privilege escalation patterns were detected in the skill's instructions or templates.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 01:09 PM