native-app-designer

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its operational workflow.
      • Ingestion points: The skill utilizes mcp__firecrawl__firecrawl_search to retrieve design patterns and research from external, untrusted websites (File: SKILL.md).
      • Boundary markers: There are no specified delimiters or instructions to the agent to treat external search results as untrusted content or to disregard embedded instructions within that data.
      • Capability inventory: The agent is granted highly privileged tools, including Bash, Write, and Edit, which allow for system command execution and file modification.
      • Sanitization: No sanitization, filtering, or validation steps are defined for the data retrieved via the search tool before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill explicitly allows the Bash tool (File: SKILL.md). While intended for design-related development tasks, providing arbitrary command execution capability increases the potential impact of any successful prompt injection or exploitation of the agent's workflow.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 12:52 PM