skylar-visual-change
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns were detected. The skill uses standard developer tools and practices. The agent is instructed to modify local files and use git for version control in a way that is consistent with its role as a coding assistant. While it processes natural language input to modify code, the structured seven-step workflow provides sufficient checkpoints to ensure safety and correctness.
- [COMMAND_EXECUTION]: The skill uses git commands such as add, commit, checkout, and revert to manage code changes, which is a standard and safe practice for developer-oriented tools.
- [PROMPT_INJECTION]: The skill processes user requests that could serve as a surface for indirect prompt injection.
  1. Ingestion points: Natural language design requests are used to generate code and git commit messages.
  2. Boundary markers: The Step 3 PLAN phase and Step 5 VERIFY phase provide manual verification gates for the user to review intended and completed changes.
  3. Capability inventory: The skill can modify React components within the apps/web/src/components/ directory and execute git commands.
  4. Sanitization: While there is no automated sanitization of designer input, the structured workflow with explicit reporting and verification mitigates potential risks.