create-component
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill's instructions or reference materials. The skill is designed to scaffold AEM components following Adobe's established best practices.
- [PROMPT_INJECTION]: The skill includes explicit instructions to the agent to enforce project configuration via a gate check. These instructions are designed to ensure consistency and prevent hallucination of project paths rather than to bypass safety protocols.
- [PROMPT_INJECTION]: The skill processes external data from Figma designs, which constitutes a surface for indirect prompt injection. The risk is mitigated by explicit instructions to treat design data as a visual reference only and to prioritize user-provided specifications for functional logic. Evidence: (1) Ingestion point: Figma design data via get_design_context; (2) Boundary markers: Reference-only rule in figma-design-rules.md; (3) Capability inventory: File system read/write; (4) Sanitization: Instruction-based extraction of design tokens.
Audit Metadata