style-anchors-collection
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to create a directory structure using the mkdir -p shell command to organize the generated artifacts.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the retrieval of code examples from user-specified external URLs, which introduces a reliance on external content to populate the style anchor library.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted code data from external or local sources to generate pattern requirements and common mistakes.
- Ingestion points: Technical requirements files and source code files provided by the user or fetched from URLs.
- Boundary markers: Ingested code content is presented to the model in markdown code blocks, but no specific instructions are provided to ignore potential injection attempts within the content.
- Capability inventory: The skill possesses the capability to read local files, create directories, and write multiple files to the system.
- Sanitization: No explicit sanitization or instruction-filtering logic is defined for the content ingested during the collection process.
Audit Metadata