superdesign
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads initialization and operational guidelines from the author's official GitHub repository at github.com/superdesigndev/superdesign-skill.
- [COMMAND_EXECUTION]: Installs the vendor's official @superdesign/cli package globally using NPM to enable design management capabilities.
- [COMMAND_EXECUTION]: Executes multiple superdesign CLI commands to initialize the design environment, create projects, manage drafts, and extract UI components from the codebase.
- [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface via the extract-brand-guide feature, which processes content from arbitrary user-provided URLs.
- Ingestion points: Website content retrieved from URLs passed to the extract-brand-guide command.
- Boundary markers: No specific delimiters or instructions to ignore embedded commands are used when processing the external content.
- Capability inventory: The skill has the ability to execute shell commands, install software packages, and read/write files within the project directory.
- Sanitization: No sanitization or validation of the external content is described before it is integrated into the agent's workflow.
Audit Metadata