design-an-interface
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface by interpolating unvalidated user requirements into prompts for sub-agents.
  - Ingestion points: User-provided module descriptions and requirements collected in the 'Gather Requirements' step are directly placed into the prompt template used in the 'Generate Designs' step within SKILL.md.
  - Boundary markers: The prompt template lacks delimiters (e.g., XML tags, triple quotes) or explicit instructions to the sub-agents to ignore embedded commands within the requirement strings.
  - Capability inventory: The skill uses the 'Task tool' to spawn sub-agents; it does not explicitly invoke file system access, network operations, or shell command execution.
  - Sanitization: No input validation, escaping, or instruction filtering is implemented to process the user requirements before they are interpolated into the sub-agent prompt.
- [SAFE]: No evidence of hardcoded credentials, unauthorized network communication, persistence mechanisms, or malicious obfuscation was found in the skill content.