design
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill ingests untrusted data from local configuration files which could influence downstream agent behavior during design generation phases.
  - Ingestion points: Reads brand personality and style preferences from `ai/style.config.md` and `~/.claude/style.config.md` (SKILL.md).
  - Boundary markers: Absent; instructions do not specify delimiters or 'ignore' warnings for the loaded configuration content before use.
  - Capability inventory: Executes multiple automated design tools (`/state-design`, `/frontend-design`, `/ui-revamp`) and performs local file writes to `ai/design-progress.md` and the `./proposals/` directory.
  - Sanitization: Absent; configuration values such as 'brand words' are directly incorporated into the creative generation logic without validation or filtering.
Audit Metadata