claude-design
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE NO_CODE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains functional directives to ignore platform-specific tool references from hosted environments to ensure correct behavior in a local CLI context.
- [PROMPT_INJECTION]: The workflow creates a surface for indirect prompt injection by ingesting untrusted data from repository files and brand documentation to guide the design process.
  - Ingestion points: Reads local project files for context gathering.
  - Boundary markers: None provided to isolate ingested data from agent instructions.
  - Capability inventory: Local file system read access and generation of HTML artifacts.
  - Sanitization: No specific validation procedures are mentioned in the skill text.
Audit Metadata