generate-implementation-design
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE (PROMPT_INJECTION, NO_CODE)
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted PRD input to generate design files, creating a surface for indirect prompt injection.
  - Ingestion points: User-provided PRD content in Phase 1 of SKILL.md.
  - Boundary markers: Absent; no delimiters or instructions to ignore embedded commands are specified in the prompt logic.
  - Capability inventory: The skill has the capability to write files to the local filesystem (Phase 2, Step 4).
  - Sanitization: Includes specific logic to replace illegal path characters with '-', which mitigates basic path traversal, but lacks output content sanitization for instructions embedded within the PRD.
- [NO_CODE]: The skill contains no executable code, scripts, or external dependencies, significantly reducing the direct technical attack surface beyond prompt-based interactions.
Audit Metadata