d3-viz
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection / XSS (MEDIUM): The `InteractiveChart` component in `assets/interactive-template.jsx` is vulnerable to Cross-Site Scripting (XSS) through its tooltip implementation.
  - Ingestion points: The component ingests untrusted data via the `data` prop.
  - Boundary markers: Absent. There are no delimiters or validation checks for the data content.
  - Capability inventory: The component uses `d3.select(...).html()` to dynamically update the DOM with content from the data object.
  - Sanitization: Absent. The code directly interpolates data properties like `d.label` and `d.category` into an HTML string within the `mouseover` event handler (`assets/interactive-template.jsx` lines 105-112).
  - Risk: If the data source is influenced by an attacker or a malicious prompt (e.g., an LLM generating data for visualization), they could inject malicious `<script>` tags or attributes (e.g., `onerror`) that execute in the user's browser context.
- Data Exposure (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network exfiltration patterns were detected in the analyzed files.
- Obfuscation (SAFE): The code is clear and does not use Base64, homoglyphs, or other techniques to hide malicious intent.
- Remote Code Execution (SAFE): The skill relies on standard libraries (`d3`, `react`) and does not perform any remote script downloads or dynamic execution of external code.
Audit Metadata