design-md
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands, specifically the GitHub CLI (`gh`) and `jq`, to list and fetch file contents from a remote repository via the GitHub API.
- [EXTERNAL_DOWNLOADS]: It downloads markdown files from the third-party GitHub repository `VoltAgent/awesome-design-md`. While intended for design templates, this source is not verified or part of a trusted organization.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from an external source which is then read by the agent.
  - Ingestion points: Design templates are downloaded from the external `VoltAgent/awesome-design-md` repository into the project's `DESIGN.md` file.
  - Boundary markers: The instructions do not define boundary markers or clear separations to prevent the agent from following instructions potentially embedded within the downloaded markdown content.
  - Capability inventory: The skill has the ability to execute shell commands (`gh`) and perform file system writes (`> DESIGN.md`).
  - Sanitization: There is no evidence of sanitization or validation of the remote content before the agent is prompted to process and adapt it.
Audit Metadata