gsd-ui-review
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided input through the {{GSD_ARGS}} variable without applying sanitization or utilizing boundary markers to isolate the input from the agent instructions. Ingestion points: User input enters via the {{GSD_ARGS}} parameter defined in SKILL.md. Boundary markers: No delimiters or instructions to ignore embedded commands are present. Capability inventory: The skill can spawn sub-agents (spawn_agent) and read/execute local workflow files. Sanitization: No validation or escaping logic is applied to the input before it is used in the workflow context.
- [COMMAND_EXECUTION]: The skill is designed to execute locally stored workflow files and coordinate complex tasks through agent spawning, which are standard but powerful capabilities for its intended visual audit purpose.
Audit Metadata