design-system
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface
- Ingestion points: The skill ingests untrusted data from external websites when performing competitor research (Mode 1) and visual audits (Mode 2).
- Boundary markers: No specific delimiters or instructions to ignore embedded commands within the fetched web content are defined in the instructions.
- Capability inventory: The agent has the capability to read local styling files (CSS, Tailwind) and write new files (
DESIGN.md,design-tokens.json,design-preview.html) based on the results of the external processing. - Sanitization: The skill does not specify any sanitization or filtering of the content retrieved from external URLs before it is processed by the agent.
Audit Metadata