setup
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill conducts a standard codebase scan to identify styling systems, component libraries, and project configuration (e.g., package.json, components.json). It does not request access to sensitive credentials, environment variables, or network resources.
- [PROMPT_INJECTION]: The skill ingests data from external project files which presents an indirect prompt injection surface.
- Ingestion points: Reads content from README.md, package.json, and other local documentation files to synthesize project goals.
- Boundary markers: The skill does not employ specific delimiters or boundary instructions when processing ingested text.
- Capability inventory: Access is restricted to file system read and write operations for project-specific metadata; no remote code execution or network exfiltration capabilities are present.
- Sanitization: No validation or sanitization of the ingested strings is performed before they are written to the design context files.
Audit Metadata