Skills
NYC
skills/shipshitdev/library/html-style/Gen Agent Trust Hub

html-style

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): The skill is susceptible to indirect prompt injection (Category 8) as it is designed to ingest and transform untrusted data (user-provided HTML).
  • Ingestion points: Workflow Step 1 in SKILL.md explicitly instructs the agent to "Read the user's HTML".
  • Boundary markers: Absent. There are no instructions for the agent to use delimiters or ignore potential instructions embedded within the user's HTML.
  • Capability inventory: The agent generates code (HTML, CSS, JS) meant for browser rendering. While it doesn't execute system commands, it creates an execution context in the user's browser.
  • Sanitization: Absent. The skill lacks instructions to sanitize or filter the input HTML before processing.
  • Dynamic Execution (LOW): The skill performs simple script generation (Category 10) by injecting JavaScript for saveDraft and copyToClipboard. These are low-risk as they follow static templates provided in SKILL.md and use standard browser APIs (localStorage, navigator.clipboard).
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:17 PM