design-critique
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of markdown documentation and instructional guidelines. No scripts, binaries, or automated configuration files are included.
- [Indirect Prompt Injection] (LOW): As a design critique tool, the skill is intended to process external data (via WebFetch and browser tools). While this represents a surface for indirect prompt injection if an attacker-controlled website contains malicious instructions, this is a general risk associated with the skill's primary function. No specific vulnerabilities or lack of safeguards were found beyond standard operational risks.
- Ingestion points: Tools `WebFetch` and `mcp__claude-in-chrome__*` are used to ingest external web content.
- Boundary markers: None explicitly defined in the prompt instructions.
- Capability inventory: File reading (`Read`), web fetching (`WebFetch`), and browser interaction (`mcp__claude-in-chrome`).
- Sanitization: Standard LLM guardrails are assumed; no skill-specific sanitization is implemented.
Audit Metadata