design-md
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs its stated function of design analysis using appropriate tools. It retrieves data via a dedicated MCP server (Stitch) and generates documentation files. No unauthorized network activity or credential exposure was detected.
- [PROMPT_INJECTION]: The skill is designed to ingest and process external HTML/CSS code, which creates a potential surface for indirect prompt injection.
  - Ingestion points: HTML source code is downloaded via `web_fetch` from URLs provided by the MCP server (documented in `SKILL.md`).
  - Boundary markers: There are no explicit markers or instructions to the agent to disregard instructions potentially hidden within the processed HTML comments or strings.
  - Capability inventory: The skill utilizes `web_fetch` for network access and `Write` for file generation.
  - Sanitization: The skill extracts design tokens through parsing but does not include specific sanitization logic to strip executable content or instructions from the input data.
Audit Metadata