visual-brand-extractor
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to analyze public website data for branding elements like colors and typography. This is performed using standard agent tools (WebFetch).
- [COMMAND_EXECUTION]: The skill generates and saves reports to a local
clients/directory. This behavior is transparently described and necessary for the skill's functionality. - [DATA_EXFILTRATION]: There is no evidence of sensitive data being sent to external servers. Network operations are limited to fetching target websites explicitly provided by the user.
- [PROMPT_INJECTION]: The skill processes external data from websites, which constitutes an indirect prompt injection surface. However, the instructions guide the agent to extract specific technical attributes (hex codes, font families), which significantly limits the potential for executing malicious instructions embedded in the target site.
Audit Metadata