css-tokens
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- SAFE (SAFE): No malicious patterns or security vulnerabilities detected. The skill's behavior is limited to reading local directory names and writing a static reference file based on its internal data.
- Indirect Prompt Injection (INFO): The skill has a minimal attack surface. It ingests local directory names to suggest file paths but does not process untrusted external data. It includes a mandatory user confirmation step before writing any files, ensuring the user maintains control over the filesystem changes.
Audit Metadata