team-design
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a productivity tool for design synthesis and does not contain any malicious patterns.
- [COMMAND_EXECUTION]: It leverages git and the gh (GitHub CLI) to pull metadata and diffs from repositories and GitHub issues. These commands are used solely to provide context to the agent team.
- [PROMPT_INJECTION]: The skill processes content from external sources like GitHub PRs and issues. While this exposes the agent to untrusted text, the impact is limited to the design discussion context. The skill lacks the capabilities to perform high-risk actions like arbitrary code execution or credential exfiltration based on this input. 1. Ingestion points: Context is loaded via git and gh commands. 2. Boundary markers: The skill instructs the lead agent to provide sub-agents with full context, but does not explicitly use delimiters to wrap untrusted data. 3. Capability inventory: Access is restricted to git, gh, and spawning sub-agents via the Task tool. 4. Sanitization: No explicit sanitization is noted, which is standard for analysis-focused skills.
Audit Metadata