Prototype Designer
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH PROMPT_INJECTION NO_CODE
Full Analysis
- Indirect Prompt Injection (HIGH): The skill manifest defines capabilities to modify files and create artifacts based on external data (design user flows, testing strategies), establishing a high-severity vulnerability surface.
  - Ingestion points: Implicit processing of user flows and testing strategies.
  - Boundary markers: None defined in manifest.
  - Capability inventory: 'modifies_files' and 'creates_artifacts' are explicitly listed side effects.
  - Sanitization: No sanitization or validation logic is defined in the manifest.
- No Code (INFO): The analysis is limited to the manifest.yaml file as no executable scripts or prompt instructions were included for review.
Recommendations
- AI detected serious security threats
Audit Metadata