multi-surface-render
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill instructions or reference files. The skill functions as a documentation and rule set for the json-render framework.
- [EXTERNAL_DOWNLOADS]: The skill references legitimate packages from the
@json-renderscope and includes documentation synced from Vercel Labs' public repositories. These references are documented neutrally as they pertain to the skill's primary purpose and involve trusted organizations. - [COMMAND_EXECUTION]: The skill correctly advises against using heavy browser-automation tools like Puppeteer for document generation, recommending native rendering via
@json-render/react-pdfand@json-render/react-emailto reduce resource overhead and dependency surface. - [PROMPT_INJECTION]: No evidence of prompt injection, role-play overrides, or instructions to bypass safety guidelines was found.
- [DATA_EXFILTRATION]: No sensitive file access, hardcoded credentials, or unauthorized network operations were identified. Use of
renderToFileandrenderToBufferAPIs are standard for the documented library.
Audit Metadata