design-dna-extractor
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's documentation directs users to install components from an external GitHub repository (github.com/zanwei/design-dna) and via npx, which are outside the verified vendor scope. This is a standard installation pattern for this type of tool but involves downloading code from a third-party source.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is designed to ingest and process content from untrusted external URLs and user-provided screenshots.
  - Ingestion points: Data enters the agent context via external web URLs and visual analysis of screenshots (SKILL.md).
  - Boundary markers: There are no explicit instructions or delimiters mentioned to prevent the agent from following malicious commands that might be embedded in the analyzed designs.
  - Capability inventory: The skill has the capability to generate executable HTML, CSS, and JavaScript code based on the extracted data.
  - Sanitization: The instructions do not specify any validation or sanitization of the extracted content before it is used to generate UI code.
Audit Metadata