tui-line-progress
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or dangerous capabilities were detected. The skill acts as a formatting and layout engine for creating ASCII-based user interface components.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted user-provided JSON data to generate downstream commands for the Pencil MCP tool.
- Ingestion points: The workflow starts by parsing a user-provided JSON input model in SKILL.md.
- Boundary markers: None identified; instructions do not specify delimiters for external content.
- Capability inventory: Generates PENCIL_BATCH_DESIGN specifications used to invoke Pencil MCP tool operations.
- Sanitization: No validation or sanitization of the input JSON fields is performed prior to interpolation into output blocks.
Audit Metadata