analyze-and-plan
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted external data (URLs and designs) and has file-writing capabilities, which creates an attack surface.\n
- Ingestion points: SKILL.md Step 1 and resources/visual-analysis.md ingest data from reference URLs, screenshots, and design files.\n
- Boundary markers: Absent; no instructions are provided to delimit external content or warn the agent to ignore instructions embedded in the design materials.\n
- Capability inventory: SKILL.md Step 4 specifies a file-write capability to the 'drafts/tmp/' directory.\n
- Sanitization: Absent; no sanitization or path validation is mentioned for external content or the '{block-name}' variable used in file path construction.
Audit Metadata