peach-gen-design
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes instructions to execute local shell commands (e.g.,
ls,bunx vue-tsc,bun run build) to check for existing project components and verify the integrity of generated code. These commands are standard for development environments and are used legitimately here to support the skill's primary function. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted user feedback and requirements from the workflow steps to generate executable code and trigger build commands. There are no explicit boundary markers or sanitization routines described to isolate user-provided data from the agent's logic, which is a common characteristic of development assistants.
Audit Metadata