native-app-designer

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection via its research tools.
  • Ingestion points: According to SKILL.md, the agent uses mcp__firecrawl__firecrawl_search to research design patterns from the live web.
  • Boundary markers: The instructions do not specify any markers to isolate or treat external search data as untrusted, which could lead the agent to follow malicious instructions embedded in web pages.
  • Capability inventory: The skill is granted access to high-impact tools including Bash, Write, and Edit (as seen in the allowed-tools section of SKILL.md), and specialized builders like mcp__magic__21st_magic_component_builder.
  • Sanitization: There is no mention of sanitization or filtering of external data before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill's configuration in SKILL.md enables the Bash tool. While no malicious commands are hardcoded in the provided references, this tool provides a powerful capability that increases the potential impact of an injection-based compromise.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 09:10 PM