alphaear-logic-visualizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface detected. The skill takes user input (logic nodes and title) and interpolates it into prompts in
scripts/visualizer_prompt.pyandreferences/PROMPTS.md. - Ingestion points: User data enters via
{title}and{nodes_json}variables. - Boundary markers: The prompts lack clear delimiters (e.g. triple backticks) to prevent the model from interpreting user data as new instructions.
- Capability inventory: The skill intends to write output to HTML files (per
SKILL.md). - Sanitization: No validation or sanitization is performed on the input data before interpolation.
- [SAFE] (SAFE): No malicious code, obfuscation, or persistence mechanisms were detected in the provided scripts.
Audit Metadata