design
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized network activity were detected. The skill operates within the expected boundaries of a technical design assistant.
- [PROMPT_INJECTION]: The skill uses role-assignment prompts for sub-agents to perform specialized research tasks. This is a functional design choice and does not constitute a prompt injection attack against the user or the system guidelines.
- [PROMPT_INJECTION]: The skill processes project source code as part of its design workflow, which presents a surface for indirect prompt injection.
- Ingestion points: Codebase data is ingested through the 'Codebase Scout' sub-agent defined in investigation-prompts.md.
- Boundary markers: Prompt templates do not use specific delimiters to separate codebase data from instructions.
- Capability inventory: The skill writes design files to docs/plans/ and invokes sub-agents for research and analysis.
- Sanitization: Content from the codebase is not sanitized before being included in sub-agent prompts.
- Note: This reflects the intended operational model of a codebase-aware design tool and is considered a surface-level risk typical of such applications.
Audit Metadata