design-system-pro

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill incorporates local command execution for system validation and automation. Evidence: Executes 'bun x tailwindcss --check' and references local scripts 'scripts/validate-contrast.py' and 'scripts/generate-theme-json.ts'.
  • [PROMPT_INJECTION]: The skill architecture presents an indirect prompt injection surface through its token processing pipeline. Evidence:
      1. Ingestion points: External 'tokens.json' files (references/token-pipelines.md).
      2. Boundary markers: None identified in documentation or implementation patterns.
      3. Capability inventory: Script execution (Python/TypeScript) and Bun package runner.
      4. Sanitization: No specific validation or sanitization logic is described for the incoming token data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 7, 2026, 07:53 PM