Skills
skills/dedalus-erp-pas/foundation-skills/create-design-system-rules/Gen Agent Trust Hub

create-design-system-rules

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it processes external design data from a Figma MCP server to generate architectural and styling rules that are persisted in the project's configuration.
  • Ingestion points: Data retrieved from Figma nodes via MCP tool calls like get_design_context and get_metadata.
  • Boundary markers: Absent; there are no specified delimiters or instructions to ignore embedded commands within the fetched design data.
  • Capability inventory: The skill analyzes the local codebase structure and has the capability to write generated rules to the CLAUDE.md file in the project root.
  • Sanitization: The skill does not perform validation or escaping of the external content before incorporating it into the behavioral rule set.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 07:58 AM