peach-gen-design
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides explicit instructions for the agent to execute shell commands such as
ls,bun run build, andbunx vue-tscto inspect the project structure and validate generated Vue 3 components within the local environment. These are standard developer tasks aimed at ensuring code quality and compatibility. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external user requirements to generate executable code.
- Ingestion points: User input defining screen types and functional requirements, as well as iterative feedback collected in files like SKILL.md.
- Boundary markers: Absent; user requests are integrated into the design logic without explicit delimiters or instructions to ignore embedded commands.
- Capability inventory: The agent can list files and execute local build/validation scripts using Bun.
- Sanitization: Absent; no specific sanitization or filtering is applied to the user's natural language design descriptions.
- [SAFE]: The design references and component guides provided in the skill follow industry best practices for accessibility (WCAG 2.2), layout, and typography. All external resource references are consistent with the vendor's own framework patterns and pose no risk.
Audit Metadata