figma-create-design-system-rules
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill establishes a workflow for generating persistent rules for AI agents based on an analysis of the existing local codebase, which introduces an indirect prompt injection surface.\n
- Ingestion points: Local source code files (e.g., components, styles, and architecture) are analyzed in Step 2 to determine project-specific conventions.\n
- Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' markers to ensure the agent distinguishes between architectural patterns and potential malicious instructions embedded within the analyzed files.\n
- Capability inventory: The skill uses the 'create_design_system_rules' tool and performs file-write operations to sensitive agent configuration files including CLAUDE.md, AGENTS.md, and Cursor rules (.mdc files).\n
- Sanitization: Absent. The skill does not prescribe validation or sanitization of the data extracted from the codebase before it is interpolated into the generated rule templates.
Audit Metadata