frontend-design
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Task tool to source local shell scripts (
id-generator.shandindex-updater.sh) located in the plugin root to automate file organization and sequential ID generation. - [COMMAND_EXECUTION]: The skill uses the Edit tool to modify the
jaan-to/config/settings.yamlconfiguration file to store design-related user preferences. - [PROMPT_INJECTION]: The agent is instructed to read and strictly follow instructions from external markdown files (
pre-execution-protocol.mdandlanguage-protocol.md), which acts as an indirect control flow mechanism. - [PROMPT_INJECTION]: The skill processes potentially untrusted data from user-specified PRD files and project context files (
tech.md,design.md). Ingestion points: Context files and user-defined PRD paths. Boundary markers: Absent. Capability inventory: File writing to output directories and configuration editing. Sanitization: Not explicitly defined.
Audit Metadata