design-gen
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Findings: NO_CODE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill explicitly forbids the creation of any code files or the generation of source code in languages such as Java, JavaScript, or SQL, focusing entirely on Markdown documentation.
- [DATA_EXFILTRATION]: The template file 'examples/sample_program_design.md' contains an absolute local file path ('C:\Users\86135...'), which reveals private directory structures of the author's workstation.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by processing external requirement documents ('-f') and design updates ('-u').
  - (1) Ingestion points: 'SKILL.md' via file-based input parameters.
  - (2) Boundary markers: No delimiters or ignore-instructions are specified for the ingested content.
  - (3) Capability inventory: The skill has the ability to write files to the '/projectdocs/design/' directory.
  - (4) Sanitization: No input validation or sanitization is performed on the provided documents.