add-icon
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill identifies a surface where untrusted data enters the agent context. (1) Ingestion point: GitHub Linguist repository via raw.githubusercontent.com. (2) Boundary markers: Absent from the instructions. (3) Capability inventory: Modification of TypeScript files (languageMapping.ts, customIcons.ts) and documentation updates. (4) Sanitization: No sanitization or validation of the external YAML content is specified. While the risk is low given the data's use, the lack of defensive measures against malicious instructions in external content is noted.
Audit Metadata