Design System Patterns

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE] (SAFE): No malicious patterns detected across the 10 threat categories.
  • [Data Exposure & Exfiltration] (SAFE): The skill interacts with design files via specific tool calls (mcp__pencil__get_variables, mcp__pencil__set_variables). No evidence of hardcoded credentials, sensitive file access (like SSH keys), or data exfiltration to external domains was found.
  • [Remote Code Execution] (SAFE): There are no patterns involving the download or execution of remote scripts. No package installations (npm/pip) are performed.
  • [Indirect Prompt Injection] (LOW): The skill defines patterns for reading and writing design token data from files. While it lacks explicit boundary markers for this data, the impact is confined to the UI design tool's internal state (colors, spacing, etc.) and does not expose host system capabilities.
  • [Dynamic Execution] (SAFE): The JavaScript-like snippets provided in the documentation are examples of DSL (Domain Specific Language) calls for the Pencil environment and do not constitute arbitrary code execution on the user's machine.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:15 PM