tui-tabs
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides structured instructions for generating ASCII art (TUI_RENDER) and JSON specifications (COMPONENT_SPEC, PENCIL_SPEC) for a Tabs component. It is purely focused on content formatting.
- [DATA_EXPOSURE_AND_EXFILTRATION]: No sensitive file paths or network-capable commands (such as curl or wget) were found in the instructions or examples.
- [COMMAND_EXECUTION]: The skill does not instruct the agent to execute any shell commands or interact with the underlying operating system.
- [REMOTE_CODE_EXECUTION]: There are no patterns suggesting the download or execution of remote scripts or the installation of third-party packages.
- [INDIRECT_PROMPT_INJECTION]: The skill defines a workflow to parse an 'input model JSON' (Step 1). This is an ingestion point for untrusted data. However, since the skill only produces text/JSON output and does not invoke dangerous tools, the impact of malicious content in the input is limited. The instructions currently lack specific boundary markers for this input data.
Audit Metadata