design-an-interface
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. User-provided data (module descriptions and requirements) is interpolated into prompt templates for sub-agents in SKILL.md. \n
- Ingestion points: [module description] and [gathered requirements] variables.\n
- Boundary markers: Absent; user input is directly concatenated into instructions.\n
- Capability inventory: Spawns sub-agents via the Task tool; no direct file or network access.\n
- Sanitization: None provided for user-input fields.\n- [DATA_EXFILTRATION] (SAFE): No evidence of hardcoded credentials, sensitive file access, or unauthorized network operations.\n- [REMOTE_CODE_EXECUTION] (SAFE): The skill does not download external scripts or use dynamic execution functions like eval or exec.
Audit Metadata