tech-design-generation
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate analysis of local project files to automate the creation of engineering documentation. No signs of data exfiltration, obfuscation, or malicious intent were found.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface (Category 8) because it processes untrusted data from the local codebase and external documentation during its analysis phase.
  - Ingestion points: In Step 1 and Step 2 of the workflow (SKILL.md), the agent reads local files using glob patterns and grep, specifically targeting source code, READMEs, and requirement documents (docs/*/prd.md, docs/*/srs.md).
  - Boundary markers: The skill employs a sub-agent boundary for the generation phase (Step 4), though it lacks explicit instructions to treat all ingested file content as untrusted text rather than instructions.
  - Capability inventory: The skill possesses file-read (glob, grep) and file-write capabilities (creating docs/ directories and Markdown files) to fulfill its primary purpose.
  - Sanitization: While the skill sanitizes filenames via slugification, there is no explicit sanitization or escaping described for the content extracted from external files before it is used in the final document generation.
- [COMMAND_EXECUTION]: The skill utilizes grep and filesystem globbing to inspect the repository structure. These operations are restricted to information gathering as part of the core functionality and do not involve the execution of arbitrary or elevated shell commands.
Audit Metadata