ai-design-brief
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The helper script
scripts/run.pyestablishes network connections tohttps://ai-skills.aito fulfill the skill's primary function. This communication is legitimate as it targets the official service domain associated with the skill author. - [PROMPT_INJECTION]: The skill processes untrusted input through fields like
materialUrlandmaterialText. This is an indirect prompt injection surface where external content could contain instructions intended to deviate the agent from its design analysis task. - Ingestion points: Untrusted data enters the agent's context through parameters defined in
references/form-schema.json, specifically those accepting text and URLs. - Boundary markers: No specific delimiters or safety warnings are present in the skill's instructions to prevent the agent from obeying embedded instructions in the user's design materials.
- Capability inventory: While the skill reads external data, it does not demonstrate capabilities for arbitrary local file writes, system command execution, or other high-risk local operations based on that data.
- Sanitization: The skill logic transmits the input directly to the backend API without local validation or escaping of the content.
Audit Metadata