design-consistency-auditor
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process untrusted external data in the form of project documentation and frontend source code (*.tsx files).
  - Ingestion points: Project structure documentation and React/TypeScript source files identified during the discovery phase.
  - Boundary markers: Absent; the skill does not specify delimiters for separating instructions from the audited code content.
  - Capability inventory: Limited to file system reading and execution of local shell commands (grep) for pattern matching. No network access or file-write operations are defined.
  - Sanitization: None; the agent relies on visual inspection of grep results.
- [Command Execution] (INFO): The checklist includes specific shell commands (e.g., grep -n "#[0-9a-fA-F]\{6\}" *.tsx) for auditing code. These are standard static analysis patterns and are considered safe for local execution as they are read-only and restricted to grep.
Audit Metadata