implement
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell commands for project orchestration, including dependency management with pnpm, version control with git, and executing test suites via vitest and playwright.
- [EXTERNAL_DOWNLOADS]: Fetches design metadata from Figma using MCP tools and interacts with GitHub for repository management and pull request creation. It also performs standard package installations via pnpm.
- [REMOTE_CODE_EXECUTION]: Dynamically manages task execution by spawning specialized sub-agents with specific model assignments (e.g., unit-test-writer, figma-builder) to execute implementation and review tasks.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes external content from implementation plans, project configuration, and design specifications.
  - Ingestion points: Reads files from docs/arc/plans/, package.json, and Figma context.
  - Boundary markers: No explicit delimiters are present to distinguish between instructions and data in the ingested content.
  - Capability inventory: Possesses the ability to execute shell commands, modify local files, and spawn autonomous sub-agents.
  - Sanitization: No explicit sanitization or filtering is applied to ingested content before it is processed by the agent or sub-agents.
Audit Metadata