typst-cards
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install the Typst binary from its official GitHub releases page (https://github.com/typst/typst/releases). This is a standard installation procedure for the rendering engine used by the skill and targets a well-known open-source repository.\n- [COMMAND_EXECUTION]: The skill utilizes shell commands to manage the Typst environment and perform compilation tasks. This includes verifying the installation (typst --version), performing the initial setup, and executing the 'typst compile' command to transform Typst scripts into PNG images. These actions are directly related to the skill's primary functionality.\n- [PROMPT_INJECTION]: The skill features a surface for indirect prompt injection (Category 8) by processing user-supplied guidelines and materials.\n
- Ingestion points: Reads and applies content from user-provided 'DESIGN.md' files and image logos.\n
- Boundary markers: The instructions lack specific delimiters or system-level warnings to disregard instructions that might be embedded within user-provided design specifications.\n
- Capability inventory: The skill has the ability to execute shell commands ('typst compile') and perform file system operations within the project directory.\n
- Sanitization: The skill provides guidance on handling Typst-specific syntax issues but does not implement security-focused sanitization of user-provided text before it is incorporated into the Typst source files.
Audit Metadata