html-presentation-beautifier
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill's document parsing and structuring workflow (Phase 1 and 2) creates a vulnerability surface for indirect prompt injection.
  1. Ingestion points: Untrusted external documents processed via `references/parsing-guidelines.md`.
  2. Boundary markers: The subagent prompts in `references/subagent-prompts.md` do not utilize explicit delimiters to wrap untrusted content.
  3. Capability inventory: The skill generates HTML and JavaScript files containing user-derived data.
  4. Sanitization: No explicit sanitization or filtering of input text is documented.

  This is classified as low severity because the skill includes mandatory rules for subagents to preserve original content verbatim and prohibits interpretative behavior.
- [EXTERNAL_DOWNLOADS]: The skill fetches the Chart.js and ECharts libraries from the official `cdn.jsdelivr.net` domain. These are well-known technology services and are documented here as safe references that do not escalate the risk profile.
Audit Metadata