create-design-system-rules
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill establishes a workflow where the agent ingests data from the local codebase and external Figma designs to generate persistent instructions in the CLAUDE.md file, which creates a surface for indirect prompt injection.
- Ingestion points: Local codebase source files and Figma MCP server tool outputs.
- Boundary markers: Absent; the skill does not instruct the agent to use delimiters or ignore instructions embedded within the data it analyzes.
- Capability inventory: The skill has the capability to modify the project's CLAUDE.md file, providing a persistence mechanism for any injected instructions to influence future agent interactions.
- Sanitization: No sanitization or verification of the content extracted from the codebase or Figma tools is required before it is used to generate the final design rules.
Audit Metadata