logo-studio

Warn

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run shell commands like open, xdg-open, or start to display the generated results. Because the filename is built using the user-provided brand name, this creates a potential command injection vector if the input is not sanitized.
  • [EXTERNAL_DOWNLOADS]: The assets/gallery-template.html file links to Google Fonts at fonts.googleapis.com. This is an external reference to a well-known service used for the skill's typographic functionality.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection through user inputs during the brand discovery phase.
    • Ingestion points: Discovery Interview inputs in SKILL.md (e.g., brand name, values).
    • Boundary markers: Absent; there are no instructions to use delimiters or safety guards for user-controlled content.
    • Capability inventory: File writing and shell command execution (open, xdg-open, start) as described in SKILL.md.
    • Sanitization: No validation or escaping is specified for user data used in filenames or shell commands.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 18, 2026, 04:00 AM