nextjs-og-image
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE (categories flagged: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- COMMAND_EXECUTION (LOW): The skill recommends a python3 one-liner in SKILL.md and satori-gotchas.md to extract image metadata from local files. This involves executing a shell command to perform local file reading and processing.
- PROMPT_INJECTION (LOW): (Category 8: Indirect Prompt Injection surface) The generateMetadata implementation in SKILL.md trusts the x-forwarded-host header and uses it without validation. This creates a surface for Host Header Injection, which can allow an external attacker to control metadata URLs (og:image, twitter:image) in the generated site.
  1. Ingestion point: headersList.get('x-forwarded-host') in SKILL.md.
  2. Boundary markers: None.
  3. Capability inventory: Influences metadataBase and social sharing preview URLs.
  4. Sanitization: None.
- EXTERNAL_DOWNLOADS (LOW): The references/satori-gotchas.md file suggests fetching font data from fonts.gstatic.com. This is a trusted external source (Google), so the finding is downgraded to LOW per the TRUST-SCOPE-RULE.
Audit Metadata