ascii-art
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to install and use several standard system utilities (cowsay, boxes, toilet, jp2a, ascii-image-converter) and the pyfiglet Python library. These operations are required for the skill's primary purpose and are legitimate.
- [EXTERNAL_DOWNLOADS]: The skill fetches data from multiple remote sources, including asciified.thelicato.io, wttr.in, qrenco.de, and ascii.co.uk. These sources are used to retrieve ASCII-related content and do not involve the execution of remote code.
- [REMOTE_CODE_EXECUTION]: While automated scans may flag the pattern of downloading content from ascii.co.uk to a temporary file, manual analysis confirms that the downloaded HTML is parsed via regular expressions to extract text art. The content is never executed as a script or passed to a shell, mitigating RCE risks.
- [DATA_EXFILTRATION]: No sensitive local data or credentials are accessed or transmitted. Network operations are confined to the documented utility APIs.
Audit Metadata