visualize
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's HTML templates fetch visualization libraries (Vega, Vega-Lite, and D3) from the jsDelivr Content Delivery Network (CDN). This is a standard and expected practice for web-based tools and utilizes a well-known, trusted source.
- [COMMAND_EXECUTION]: Includes a Python utility (
scripts/visualizer.py) intended for managing saved visualizations. The script uses only the Python standard library to perform file operations (creation, listing, searching, and deletion) within a dedicated user directory (~/.visualizer-skill/). - [PROMPT_INJECTION]: The skill ingests user-provided data to generate HTML visualizations, which represents a standard indirect injection surface.
- Ingestion points: User-provided data enters the agent context during the implementation phase (SKILL.md).
- Boundary markers: Data is embedded as structured JSON within the generated HTML, providing separation between content and logic.
- Capability inventory: The skill produces browser-runnable HTML files and utilizes a script to write these files to the local file system.
- Sanitization: Relies on the declarative grammar of Vega/D3 and standard JSON serialization to mitigate execution risks.
Audit Metadata