brand-to-design-md
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted data from external websites to generate system files and demos.
- Ingestion points: Untrusted brand websites, official press kits, and CSS files identified in SKILL.md.
- Boundary markers: The instructions do not mandate the use of delimiters or explicit 'ignore instructions' warnings when handling content scraped from external sources.
- Capability inventory: The skill allows the agent to write files (DESIGN.md, HTML artifacts) and perform browser operations including console checks and screenshot capture.
- Sanitization: There are no instructions to sanitize or validate the content retrieved from external sources before it is used to generate documentation or code.
Audit Metadata