vchart-development-assistant
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides Python utility scripts (
generate_demo_html.py,generate_diagnosis_html.py, andgenerate_diagnosis_react_html.py) that generate interactive HTML pages. - These scripts read from local templates and write output to the file system.
- This behavior is a core part of the skill's functionality, used to provide users with visual feedback on their chart configurations.
- [EXTERNAL_DOWNLOADS]: The generated HTML templates reference several external JavaScript libraries via the jsDelivr CDN.
- Specifically, the templates load the VChart charting library, the Monaco Editor, React, and Babel from
cdn.jsdelivr.net. - These are well-known and established services used to provide interactive chart previews and code editing capabilities.
- [PROMPT_INJECTION]: The skill is designed to process user-provided code snippets, which creates a surface for indirect prompt injection.
- Ingestion points: User-defined chart specifications and React component code are ingested via files or command-line arguments (found in
scripts/generate_demo_html.pyandscripts/generate_diagnosis_react_html.py). - Boundary markers: The generation scripts do not implement specific delimiters to isolate user-provided code within the resulting HTML templates.
- Capability inventory: The skill can write files to the local file system and generate HTML files that execute JavaScript in a browser context.
- Sanitization: The Python scripts use basic string escaping to mitigate simple code injection attempts within the generated output.
Audit Metadata