open-design

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches its core components from github.com/nexu-io/open-design and references github.com/akillness/oh-my-skills for skill management. Both sources are associated with the tool's official development and the skill's author context.\n- [COMMAND_EXECUTION]: Requires the agent to perform environment setup using git clone, corepack enable, and pnpm install to prepare the local environment.\n- [COMMAND_EXECUTION]: Operates by launching local services and daemons via commands like pnpm tools-dev start and pnpm tools-dev run web.\n- [COMMAND_EXECUTION]: Designed to delegate generation tasks to other locally-installed coding agents such as Claude Code, Cursor, and Gemini CLI.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted user prompts to generate code and media artifacts. Evidence: (1) Ingestion point: User prompt for generation mode in SKILL.md. (2) Boundary markers: Not specified. (3) Capability inventory: File write, edit, and shell access via Bash, Write, and Edit tools. (4) Sanitization: Includes a 'Turn 1 discovery form' to validate parameters before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 01:16 PM
Security Audit — agent-trust-hub — open-design