Skills
skills/twwch/openskills/infographic-item-creator/Gen Agent Trust Hub

infographic-item-creator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill ingests data from external and local sources to drive code generation with write capabilities.\n
  • Ingestion points: references/item-prompt.md and the src/designs/items directory.\n
  • Boundary markers: Absent. The workflow does not include instructions to treat data as untrusted or to ignore embedded commands.\n
  • Capability inventory: The skill can create and update TypeScript/TSX files within the src/designs/items directory.\n
  • Sanitization: Absent. No validation is performed on the content retrieved from scanned files before interpolation into the generated output.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 10:59 AM