design-brief
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill ingests untrusted external data and writes it to the local filesystem.
- Ingestion points: User feature descriptions and external Figma design data (SKILL.md).
- Boundary markers: Absent; no delimiters are used to separate untrusted content from system instructions.
- Capability inventory: File-writing capability to create markdown files in the project directory (SKILL.md).
- Sanitization: Absent; no validation for the '[name]' variable used in filenames or for the content of the brief.
Audit Metadata