design-orchestration
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION] (HIGH): Vulnerable to Indirect Prompt Injection via processed design artifacts.
  - Ingestion points: Reads 'Initial Design' and 'Decision Log' to determine risk assessment (Step 2) and execution readiness (Step 5).
  - Boundary markers: Absent; there are no delimiters or instructions provided to the agent to disregard embedded commands or adversarial instructions within the design documents.
  - Capability inventory: The skill directly controls critical transitions to 'implementation planning' and 'execution', making it a high-value target for hijacking agent behavior.
  - Sanitization: Absent; the logic trusts the content of the design logs to categorize risk and readiness.
- [NO_CODE] (LOW): This is a meta-skill consisting entirely of markdown instructions. While it lacks executable scripts, its role as a logic gate for other skills creates a significant security surface through prompt manipulation.
Recommendations
- AI detected serious security threats
Audit Metadata