Skills
skills/tendtoyj/tendtoyj-claude-skills/card-news-maker/Gen Agent Trust Hub

card-news-maker

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
  • Ingestion points: Processes 'Approved copy' and 'Visual Asset Plan' (including Lucide SVG paths) from external sources as described in SKILL.md.
  • Boundary markers: The assembly process does not specify any sanitization or escaping when replacing {{placeholder}} markers in the card-news-template.html template.
  • Capability inventory: The skill utilizes Playwright MCP tools (browser_navigate, browser_evaluate) which can execute JavaScript within the browser context where the injected content is rendered.
  • Sanitization: No sanitization or validation of the input content is mentioned before it is interpolated into the HTML structure.
  • [COMMAND_EXECUTION]: Utilizes Playwright MCP to execute browser-side JavaScript for layout management and rendering synchronization.
  • Evidence: The playwright-pipeline.md file contains JavaScript snippets executed via browser_evaluate to hide/show elements, wait for font loading, and handle image loading states.
  • [EXTERNAL_DOWNLOADS]: Fetches web fonts from well-known Google services.
  • Evidence: card-news-template.html includes <link> tags targeting fonts.googleapis.com and fonts.gstatic.com to load 'Nanum Pen Script' and 'Noto Sans KR'.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 01:00 AM