xhs-style-imitator
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is composed exclusively of Markdown documentation and prompt templates. No executable scripts, such as Python or Node.js, are present in the package.
- [SAFE]: There are no malicious commands, hardcoded credentials, or obfuscated blocks. The skill functions as a structured guide for the AI's native text processing capabilities.
- [PROMPT_INJECTION]: The skill is intended to process user-supplied text samples and external links to identify stylistic patterns. This creates a surface for indirect prompt injection, though the impact is limited by the skill's lack of access to system commands or sensitive data. Evidence: 1. Ingestion points: Text samples, info.json, detail.txt, and knowledge base links. 2. Boundary markers: Not utilized in the prompt templates. 3. Capability inventory: Text generation only; no file-writing or subprocess execution. 4. Sanitization: No explicit input cleaning or escaping instructions are included.
Audit Metadata