Skills
skills/camoa/claude-skills/component-designer/Gen Agent Trust Hub

component-designer

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill lacks input sanitization for user-provided data such as component names and purposes, creating a surface for indirect injection or path traversal.\n
  • Ingestion points: User input for component details and names gathered in Step 2 of the workflow (SKILL.md).\n
  • Boundary markers: None present in the markdown templates used for file creation.\n
  • Capability inventory: Use of the Write tool to create new files and the Edit tool to modify existing project architecture files.\n
  • Sanitization: No input validation or escaping is observed; user strings are interpolated directly into file paths and document content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 12:30 AM