bmad-create-ux-design
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION]: The skill incorporates an indirect prompt injection surface through its core functionality of reading and synthesizing external project documents.
  - Ingestion points: steps/step-01-init.md performs discovery and loading of markdown files (e.g., *brief*.md, *prd*.md) from project-specific directories such as {product_knowledge} and docs.
  - Boundary markers: The agent implements a control mechanism by requiring the user to explicitly confirm which discovered files should be loaded into the workflow context.
  - Capability inventory: The skill is capable of reading local project files (step-01), appending content to the specification document across multiple steps (step-02 through step-13), and generating HTML files for visual representations (step-08, step-09).
  - Sanitization: The skill does not use specific sanitization techniques or instruction-ignoring delimiters for the content read from external documents.
- [COMMAND_EXECUTION]: The workflow performs various file operations, including copying a template to create a new UX specification and appending generated sections to that document. It also creates HTML files on the local filesystem to showcase color themes and design mockups.
Audit Metadata