Skills
skills/oakoss/agent-skills/brand-designer/Gen Agent Trust Hub

brand-designer

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill defines React components that interpolate untrusted user data directly into SVG templates, which could be exploited to inject malicious text or SVG content.
  • Ingestion points: File references/templates.md contains components like SocialPost and BusinessCard that accept user-provided strings as props.
  • Boundary markers: The skill uses standard React JSX interpolation braces.
  • Capability inventory: The skill is capable of local file system writes using the sharp library as shown in references/asset-management.md.
  • Sanitization: There is no evidence of input validation, length limiting, or escaping for user-provided strings before they are rendered in the SVG templates.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 23, 2026, 05:12 AM