Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing content from external files such as CSS, HTML templates, and Markdown documentation. This external content could contain malicious instructions designed to manipulate the agent's behavior during the audit process.
  - Ingestion points: Project files identified and read via `Glob` and `Read` tools in standard directories (e.g., `static/css/`, `internal/templates/`, `*.md`).
  - Boundary markers: Absent. The skill does not implement delimiters or explicit instructions to the agent to ignore or isolate instructions found within the data being analyzed.
  - Capability inventory: The skill is limited to diagnostic capabilities including `Glob`, `Read`, and `Grep`. It has no permissions to write files, execute subprocesses, or perform network requests.
  - Sanitization: Absent. File content is processed directly for pattern matching without prior validation or escaping.
- [EXTERNAL_DOWNLOADS]: The documentation references several well-known and vendor-specific tools for integration into development workflows, including the `axe-core` accessibility engine, `stylelint-config-standard`, and the author's own `@fyrsmithlabs/design-check` package. These references target trusted industry tools or the vendor's own official resources.
Audit Metadata