design-md

Fail

Audited by Socket on Feb 27, 2026

1 alert found:

Obfuscated File (severity: HIGH)
SKILL.md

The skill legitimately automates design-system synthesis by retrieving project metadata and screen artifacts and producing DESIGN.md. There is no direct evidence of malicious intent or embedded malware in the described behavior. However, there are practical supply-chain and data-exposure risks: runtime downloads from arbitrary URLs, potential overbroad MCP enumeration, and lack of explicit sanitization of fetched HTML. Implementations should enforce least-privilege credentials, restrict trusted hostnames for asset fetches, parse HTML without executing scripts, and avoid logging raw API responses to untrusted sinks. With these mitigations, the skill is safe to use for its intended purpose.

Confidence: 98%
Audit Metadata

Analyzed At: Feb 27, 2026, 09:03 AM
Package URL: pkg:socket/skills-sh/sickn33%2Fantigravity-awesome-skills%2Fdesign-md%2F@e2114fc489f470d1e7ced4e25ce24a417616cae3