open-design-ai-prototyping

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone an external software repository from GitHub (github.com/nexu-io/open-design.git) and download dependencies using package managers (pnpm install).
  • [COMMAND_EXECUTION]: The skill uses system-level commands to manage its local services, including pnpm for starting/stopping tools and pkill for process management. It also utilizes spawn to execute various CLI-based AI agents (e.g., claude-code, cursor) found on the user's system PATH.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) as it imports and processes external design artifacts (ZIP files from Claude Design).
      • Ingestion points: ZIP file import via POST /api/import/claude-design.
      • Boundary markers: None explicitly mentioned for the imported content.
      • Capability inventory: File system writes, shell command execution via spawned agents, and network access via proxy.
      • Sanitization: Not documented for imported ZIP contents.
Audit Metadata
  Risk Level: SAFE
  Analyzed: May 16, 2026, 01:47 PM