design-specialist

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • PROMPT_INJECTION (LOW): Indirect Prompt Injection surface detected across multiple sub-agents. The skill's architecture allows the agent to ingest untrusted data from the internet and subsequently modify the local project environment.
      • Ingestion points: The WebSearch and WebFetch tools are enabled in design_brand-guardian.md, design_ui-designer.md, design_ux-researcher.md, and design_visual-storyteller.md.
      • Boundary markers: Absent. There are no specific instructions or delimiters used to separate fetched web content from the agent's core instructions.
      • Capability inventory: The agents have access to Write and MultiEdit tools, allowing them to create or change project files based on untrusted web data.
      • Sanitization: No sanitization or validation logic is present to filter or escape content retrieved from the web before it is processed by the LLM or written to files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:10 PM