simple-visual
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is restricted to generating a static documentation file (docs/visual.md) using a defined markdown template. It does not utilize any dangerous tools, network capabilities, or privilege escalation mechanisms.
- [PROMPT_INJECTION]: The skill defines an extraction mode that reads untrusted data from the codebase, such as CSS styles and configuration files, to identify design patterns. While this constitutes an indirect prompt injection surface, the risk is negligible as the skill's only capability is producing a documentation file.
- Ingestion points: Codebase files including CSS, Tailwind configurations, and component source code.
- Boundary markers: Not explicitly defined in the skill instructions for the ingested content.
- Capability inventory: File writing to 'docs/visual.md'. No tools for shell execution, network requests, or model invocation are enabled.
- Sanitization: No explicit sanitization of input data is mentioned, but the output is intended for static documentation purposes.
Audit Metadata