Laniameda Brand Design
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill includes an instruction to source all textual content from an external file (
lib/content.ts), creating a surface for indirect prompt injection.\n - Ingestion points:
lib/content.ts(referenced in SKILL.md rules).\n - Boundary markers: None specified for the external content interpolation.\n
- Capability inventory: Access to Pencil MCP tools including
batch_design,get_screenshot, andopen_document.\n - Sanitization: No sanitization or validation steps are defined for the ingested content.\n- [SAFE]: Command-line references (e.g.,
npx @laniameda/agent-hub) are used exclusively as mockup text for terminal UI components and do not constitute executable instructions or unauthorized downloads.
Audit Metadata