design-video
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection via user-controlled data.
  - Ingestion points: The `$ARGUMENTS` variable in `SKILL.md` accepts untrusted user input which is then processed by vision and design subagents.
  - Boundary markers: The instructions do not define clear delimiters or include warnings for the agent to ignore instructions embedded within the provided video or argument content.
  - Capability inventory: The skill allows the agent to perform directory creation and file writes (e.g., `plan.md`, phase files, and functional HTML/CSS/JS implementation), creating a risk if malicious instructions are successfully injected.
  - Sanitization: No input validation, filtering, or sanitization logic is present to handle potentially malicious argument content.
Audit Metadata