Skills
skills/phrazzld/claude-config/brand-logo/Gen Agent Trust Hub

brand-logo

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes a local validation utility located at ~/Development/brand-kit/dist/src/cli.js to process brand.yaml content. It also performs shell-based image processing using npx and a for loop.
  • [EXTERNAL_DOWNLOADS]: Uses npx to fetch and execute svgo and sharp-cli. These are well-known image optimization and manipulation tools from the public npm registry.
  • [PROMPT_INJECTION]: The skill interpolates external data into LLM instructions, creating an attack surface for both direct and indirect injection.
  • Ingestion points: Data is ingested from the brand.yaml file and the user-provided --prompt argument.
  • Boundary markers: The prompt template lacks explicit delimiters or instructions for the LLM to ignore potentially malicious commands embedded in the brand identity data.
  • Capability inventory: The skill has the capability to execute local scripts via node, download/execute packages via npx, and write files to the local directory (e.g., assets/ and brand.yaml).
  • Sanitization: There is no evidence of sanitization or escaping of the brand name, colors, or personality traits before they are interpolated into the generation prompt.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 02:26 PM