design-to-beads
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: No security vulnerabilities or malicious patterns were identified. The skill follows best practices for task decomposition and incorporates human-in-the-loop checkpoints before executing system commands.
- [PROMPT_INJECTION]: The skill ingests untrusted design documents in Phase 1 without explicit boundary markers. It possesses capabilities to execute 'bd' shell commands and launch 'Task' subagents in Phase 5. Sanitization and validation are provided by three independent subagent review passes in Phase 3 and a final user validation checkpoint in Phase 4.
- [COMMAND_EXECUTION]: The skill generates 'bd' command-line calls by interpolating text extracted from user-provided documents. While this represents a standard operational pattern for this utility, the implementation includes a mandatory user confirmation step before any commands are executed.
Audit Metadata