youmind-webpage-generator
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the '@youmind-ai/cli' package from the official npm registry to interact with the YouMind service.
- [COMMAND_EXECUTION]: The skill executes shell commands using the 'youmind' CLI for API interactions and uses 'node -e' to parse JSON responses. These commands are consistent with the skill's stated purpose.
- [DATA_EXFILTRATION]: User-provided webpage descriptions and metadata are sent to 'youmind.com' and 'preview.youmind.com'. This data transfer is necessary for the AI generation service provided by the vendor.
- [PROMPT_INJECTION]: The skill processes user-provided descriptions which are interpolated into API calls for AI processing. While this constitutes an indirect prompt injection surface, there are no instructions present that attempt to bypass safety guidelines or override agent behavior.
Audit Metadata