design-system
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill instructs the agent to install and use various third-party development tools via npm and npx (e.g., style-dictionary, mitosis, storybook). While these are industry-standard packages, they involve downloading and executing external code.\n- [COMMAND_EXECUTION] (LOW): The skill relies on shell commands for its core functionality, including build processes (e.g., 'npx mitosis compile') and API interactions (e.g., 'curl').\n- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection through external data sources.\n
- Ingestion points: Data enters from Figma files via the REST API and MCP server ('figma/SKILL.md') and from design token JSON files ('design-tokens/SKILL.md').\n
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided templates.\n
- Capability inventory: The agent can execute shell commands, perform network requests, and generate source code based on these inputs.\n
- Sanitization: No validation or sanitization of external design content is specified.
Audit Metadata