design-dna
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The generation guide in references/generation-guide.md instructs the agent to fetch common visual effect libraries including Three.js, GSAP, and Lottie from the well-known JSDelivr CDN.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing data from external, untrusted URLs and images (Phase 2) without explicit instructions for the agent to handle potential malicious text within those references.
- Ingestion points: User-provided reference design URLs and screenshots in SKILL.md.
- Boundary markers: Not present; the instructions do not explicitly mandate that the agent ignore embedded instructions or use delimiters when processing reference content.
- Capability inventory: The skill uses network operations to fetch page content and assets from remote URLs and generates executable HTML/Javascript code.
- Sanitization: No filtering or validation processes are defined for the text content retrieved from external design sources before it is processed by the agent.
Audit Metadata