design-system
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its ingestion of local specification files.
  - Ingestion points: The skill reads context from `specs/product_specs.md` and `specs/architecture.md`.
  - Boundary markers: No explicit delimiters are defined to separate ingested file content from internal instructions.
  - Capability inventory: The skill is capable of writing to the local `specs/design_system.md` file.
  - Sanitization: The skill does not perform sanitization or validation of the ingested text.
- [NO_CODE]: Analysis of the skill's file structure confirms it consists entirely of markdown instructions and reference documents, with no executable scripts or binary files included.
Audit Metadata