@1892/design-md
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches content from an external GitHub repository (github.com/VoltAgent/awesome-design-md) that is not identified as a trusted or well-known source.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted markdown data and incorporates it into the agent's execution context.
  - Ingestion points: Remote `DESIGN.md` files are downloaded from the `VoltAgent/awesome-design-md` repository into the project root as specified in the 'Quickstart' section of `SKILL.md`.
  - Boundary markers: There are no protective delimiters or explicit instructions to ignore embedded prompts when the agent reads the downloaded file.
  - Capability inventory: The skill has access to powerful tools including `Bash`, `Read`, and `Write`, which could be abused if the agent obeys malicious instructions hidden in a design file.
  - Sanitization: The skill does not perform any validation or sanitization on the external markdown files before passing them to the agent for processing.
Audit Metadata