design-style

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE] (SAFE): A comprehensive audit of all files revealed no malicious patterns or security risks.
  • [PROMPT_INJECTION] (SAFE): The skill uses instructional language to guide the AI towards specific design systems. No 'ignore previous instructions' or bypass patterns were detected. The proactive trigger instructions are standard operational guidelines for utility skills.
  • [DATA_EXFILTRATION] (SAFE): The skill configuration allows only 'Read', 'Glob', and 'Grep' tools. It lacks the ability to perform network operations or access sensitive system directories like ~/.ssh or ~/.aws.
  • [COMMAND_EXECUTION] (SAFE): The provided shell scripts in the 'scripts/' directory are used for maintenance and verification. They utilize standard commands (ls, find, grep) and do not contain dangerous operations. Furthermore, the skill's YAML configuration does not grant the agent permission to execute arbitrary commands.
  • [INDIRECT_PROMPT_INJECTION] (SAFE): Although the skill ingests content from external markdown files in the 'prompts/' directory, these files are part of the skill's own package. The risk of path traversal through the StyleName variable is mitigated by the restricted toolset and the lack of automated writing or exfiltration capabilities.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:14 PM