design-review

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE [PROMPT_INJECTION] [NO_CODE] [COMMAND_EXECUTION]
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it is designed to ingest and interpret external documents.
      • Ingestion points: The skill instructions in SKILL.md describe reading files from the filesystem via the /design-review [path/to/document.md] command.
      • Boundary markers: There are no defined delimiters or 'ignore instructions' warnings to prevent the agent from executing malicious commands embedded within the design documents it reviews.
      • Capability inventory: The skill's primary function involves reading files directly from the host filesystem.
      • Sanitization: No sanitization or validation logic is specified for the content of the documents being processed.
  • [NO_CODE]: The skill is composed entirely of markdown documentation and YAML metadata; it does not include any Python, JavaScript, or other executable scripts.
  • [COMMAND_EXECUTION]: The skill explicitly instructs the agent to access and read files from the local filesystem to perform its auditing and review tasks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 08:00 PM