design-discovery
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of process guidelines for the AI agent to follow during design phases. It does not include any executable scripts, binary files, or network-enabled commands.
- [COMMAND_EXECUTION]: The skill instructions include the creation of documentation files such as design-state.md and project briefs. These are standard file system operations intended for documentation management within a project context and do not pose a security risk.
- [PROMPT_INJECTION]: The content uses authoritative language to enforce a specific workflow (e.g., "You MUST use this", "DO NOT proceed"). These instructions are legitimate process constraints designed to guide the agent's persona and do not attempt to override the underlying model's safety filters or extract system prompts.
- [DATA_EXPOSURE]: The skill encourages reading existing design documentation and specifications within the project to gather context. This is a standard data ingestion practice for a design-focused agent and does not involve accessing sensitive system files, environment variables, or hardcoded credentials.