pencil-mcp-get-editor-state
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains safety-oriented constraints labeled as 'Intent Recognition' and 'CRITICAL PREREQUISITE'. These are beneficial instructions that prevent the agent from executing the tool unless the user has explicitly mentioned 'Pencil', reducing the risk of accidental or malicious invocation through vague prompts.
- [DATA_EXFILTRATION]: No network operations (such as curl or fetch) or exfiltration patterns were found. The tool is designed to retrieve design-specific context like selections and page IDs within a local design environment.
- [COMMAND_EXECUTION]: The skill does not define or execute any shell commands, subprocesses, or system-level scripts.
- [REMOTE_CODE_EXECUTION]: No remote resources are downloaded, and the skill does not include any dynamic execution patterns or external dependencies.
Audit Metadata