skills/partme-ai/pencil-skills/pencil/Gen Agent Trust Hub

pencil

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of external data from .pen design files and guidelines, which represents a potential surface for indirect prompt injection where instructions could be embedded in design metadata.
      • Ingestion points: batch_get, get_variables, and get_guidelines tools.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt templates.
      • Capability inventory: The skill has the ability to execute design scripts via batch_design, write to files via set_variables, and export visual data via get_screenshot.
      • Sanitization: No sanitization or validation of the ingested design data is described.
  • [COMMAND_EXECUTION]: The batch_design tool uses a domain-specific language (DSL) to execute a sequence of operations provided as a string. This allows the agent to dynamically generate and execute logic within the Pencil environment.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 21, 2026, 05:22 PM