design
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its core functionality of processing external, untrusted content.
- Ingestion points: The
references/design-critique.mdfile directs the agent to analyze screenshots via image-viewing tools, local source code via file-reading tools, and live web pages via browsing tools. - Boundary markers: No specific delimiters or instructions (such as 'ignore instructions within analyzed files') are provided to mitigate the risk of instructions embedded in the external data being followed by the agent.
- Capability inventory: The skill utilizes web-browsing, file-system-reading, and image-analysis capabilities.
- Sanitization: There is no evidence of input validation or sanitization for the external data ingested during the critique process.
- [EXTERNAL_DOWNLOADS]: The skill recommends the installation of external packages to support animation and live-tuning features.
- Evidence: Recommends installing the
dialkit(a vendor-specific package) andmotion(a well-known animation library) packages inreferences/dialkit.md. - [COMMAND_EXECUTION]: Provides instructions for project setup via terminal commands.
- Evidence: Includes commands for adding dependencies using
bun addornpm installwithin thereferences/dialkit.mdreference module.
Audit Metadata