bmad-cis-design-thinking
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The instructions establish a clear, structured workflow for a design facilitator role. No override markers, bypass attempts, or instructions to ignore safety guidelines were found.
- [DATA_EXFILTRATION]: The skill reads from project-specific configuration files and data files (design-methods.csv). It writes output to a local directory defined in the project configuration. No network requests (curl, wget, etc.) or indicators of data being sent to external domains were identified.
- [REMOTE_CODE_EXECUTION]: The skill does not download external scripts or install third-party packages. It operates purely as an instructional guide for the agent.
- [COMMAND_EXECUTION]: No shell commands or system-level execution patterns were detected. The file-writing operations are restricted to the local project structure.
- [INDIRECT_PROMPT_INJECTION]: The skill has a data ingestion surface (workflow.md, Step 1 and Step 2) where it processes user-provided design challenge context and research insights.
  - Ingestion points: workflow.md (Step 1, Step 2)
  - Boundary markers: Absent
  - Capability inventory: Local file-write operation to the output folder.
  - Sanitization: Absent
  - Assessment: Because the skill's capabilities are limited to generating markdown text and saving it to a local file, the risk of a harmful outcome from malicious input in the design challenge context is negligible.