design2spec
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted design screenshots and URLs, creating a surface for indirect prompt injection where malicious instructions could be embedded to influence the output.
  - Ingestion points: SKILL.md workflow step 1 (accepts images, screenshots, URLs, mockups).
  - Boundary markers: Not specified in the skill instructions.
  - Capability inventory: Text generation for JSONC specifications only; no file-write, network exfiltration, or command execution capabilities.
  - Sanitization: No explicit sanitization logic or validation of input data is described.
Audit Metadata