ascii-cli-logo-banner-figletjs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [External Downloads] (SAFE): The skill utilizes the 'figlet' npm package, which is a widely recognized and legitimate library for generating ASCII art.
- [Prompt Injection] (SAFE): The skill ingests user-controlled text fields such as 'brand' and 'slogan' to generate banners. While this provides a surface for indirect prompt injection, it is a standard and benign feature of text-formatting utilities. Evidence: 1. Ingestion points: 'brand', 'slogan', and 'hint' parameters in SKILL.md. 2. Boundary markers: None identified. 3. Capability inventory: Execution of a local script 'scripts/figlet_banner.mjs' via Node.js. 4. Sanitization: Not specified in the provided metadata.
Audit Metadata