pencil
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill consists of technical documentation for the Pencil design system. No obfuscation, data exfiltration, or prompt injection patterns were detected in the instructional content.
- [COMMAND_EXECUTION]: The skill describes how to utilize MCP tools (e.g., pencil_batch_design, pencil_batch_get, pencil_get_screenshot) to programmatically interact with design files. These operations are within the expected functionality of the design agent.
- [EXTERNAL_DOWNLOADS]: The documentation references tools that fetch design guidelines and visual directions from the official vendor platform at pencil.dev. These references are legitimate and necessary for the tool's primary purpose.
Audit Metadata