design-director
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data (design briefs, Figma URLs, and images) which presents a surface for indirect prompt injection.
- Ingestion points: The 'Brief Simplify' and 'Design Critique' modes ingest user-provided text, documents, images, and Figma URLs from external sources.
- Boundary markers: The instructions do not define clear delimiters or specific instructions to the model to ignore potential directives within the processed data.
- Capability inventory: The skill includes functionality to write generated markdown artifacts to the local 'design/' directory.
- Sanitization: There is no evidence of input validation or sanitization of the external content before it is processed by the agent.
Audit Metadata