axure-prototype-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill triggers a local command-line operation using node scripts/check-app-ready.mjs /pages/[页面名] to validate the state of generated pages.
  • [EXTERNAL_DOWNLOADS]: The get_axure_screenshot tool downloads assets from remote Axure URLs provided by the user into a local directory (temp/axure-screenshots/).
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing untrusted text and metadata from Axure prototypes.
      ◦ Ingestion points: Untrusted data is ingested via get_axure_text, get_axure_sitemap, and get_axure_screenshot tools in asset-extraction.md and page-restoration.md.
      ◦ Boundary markers: The instructions do not define boundary markers or specify that the agent should ignore instructions embedded within the prototype data.
      ◦ Capability inventory: The agent possesses the capability to write files to the src/ and assets/ directories and execute a local Node.js script.
      ◦ Sanitization: There is no evidence of sanitization or validation of the text extracted from the Axure prototype before it is interpolated into prompts for code generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 06:39 AM