design-an-interface
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or executable scripts were identified. The skill is entirely composed of markdown-based design guidelines and prompt templates.
- [PROMPT_INJECTION]: The skill interpolates user-provided requirements into sub-agent prompts, creating a surface for indirect prompt injection. This surface is considered safe as the skill lacks any dangerous capabilities like network access or file system modification.
  - Ingestion points: User-provided 'module description' and 'gathered requirements' defined in the workflow.
  - Boundary markers: The prompt template uses brackets as placeholders but lacks explicit delimiters or instructions for the agent to ignore embedded instructions.
  - Capability inventory: Employs the 'Task' tool to spawn sub-agents; no network, file-write, or shell execution capabilities are present.
  - Sanitization: No sanitization or validation of user input is implemented.