mobile-design

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill uses 'Anti-Memorization' and 'Anti-Default' protocols in 'mobile-design-thinking.md' and 'SKILL.md' that are specifically designed to override the agent's base training and default response patterns. While used here for design quality, these are functionally behavioral hijack patterns.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection. The script 'scripts/mobile_audit.py' reads and processes untrusted content from user project files. Malicious instructions embedded in these files (e.g., within code comments) could influence the agent's behavior after reading the linter output.
      • Ingestion points: 'scripts/mobile_audit.py' (file read loop).
      • Boundary markers: None identified in the script output to separate tool data from instructions.
      • Capability inventory: The skill has 'Bash', 'Read', and 'Grep' permissions, allowing for significant file system and command-line actions if the agent is manipulated.
      • Sanitization: None; the script uses regex for pattern matching but does not sanitize content before displaying it to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 10, 2026, 01:14 AM