sync-design-system
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions are focused on documentation maintenance and do not contain malicious patterns.
- [DATA_EXFILTRATION]: The skill accesses project-specific files in the 'specs/' directory for reading and writing updates. No sensitive system files are accessed, and no external network communication is initiated.
- [PROMPT_INJECTION]: The skill processes session history and codebase changes, which constitutes an indirect prompt injection surface. Evidence: 1. Ingestion points: session history and codebase changes. 2. Boundary markers: absent. 3. Capability inventory: file-write operations within the 'specs/' directory. 4. Sanitization: mitigated by a mandatory user approval step before changes are applied.