NYC

Prototype Designer

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH | PROMPT_INJECTION | NO_CODE
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill manifest defines capabilities to modify files and create artifacts based on external data (design user flows, testing strategies), establishing a high-severity vulnerability surface.
      * Ingestion points: Implicit processing of user flows and testing strategies.
      * Boundary markers: None defined in manifest.
      * Capability inventory: 'modifies_files' and 'creates_artifacts' are explicitly listed side effects.
      * Sanitization: No sanitization or validation logic is defined in the manifest.
  • No Code (INFO): The analysis is limited to the manifest.yaml file as no executable scripts or prompt instructions were included for review.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 15, 2026, 10:37 PM