redesign-existing-projects
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill establishes a workflow where the agent ingests untrusted data (existing project codebases) and has the capability to modify files, creating a surface for indirect prompt injection.
- Ingestion points: Reads frameworks, styling methods, and codebase structure from the target project (SKILL.md).
- Boundary markers: No delimiters or instructions are provided to distinguish codebase content from agent instructions or to ignore embedded natural language commands.
- Capability inventory: Authorized to perform file modifications (Step 3: Fix) across the project.
- Sanitization: No validation or filtering is applied to the ingested codebase content before it is processed by the agent.
- [SAFE]: The skill suggests using picsum.photos, a well-known and reputable service for placeholder imagery, as a fallback for missing design assets.
Audit Metadata