foundation-lean-canvas
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted user-provided context (e.g., product names, research notes, and market data) and interpolates it into a visual HTML template. This creates a surface for indirect prompt injection or potential cross-site scripting (XSS) if the generated file is opened in a browser. * Ingestion points: User context collection defined in Step 2 of SKILL.md and references/TEMPLATE.md. * Boundary markers: The skill does not specify markers or instructions to delimit or ignore instructions within the user-provided context. * Capability inventory: The skill performs file-writing operations to the local filesystem as described in Step 5 of SKILL.md. * Sanitization: While the skill sanitizes the filename slug for the output file, it does not specify sanitization or escaping for the content placed inside the HTML template placeholders.
Audit Metadata