bmad-ux

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script resolve_customization.py during the activation phase to handle workflow configuration and project-specific settings.
  • [COMMAND_EXECUTION]: To provide interactive feedback, the skill uses the Python webbrowser module to open locally generated HTML mockups and design reports in the user's default browser.
  • [EXTERNAL_DOWNLOADS]: The skill references Google Stitch as a primary target for design handoffs, which is a service provided by a well-known and trusted organization.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data from user-supplied documents and visuals (e.g., PRDs, Figma exports) stored in the project workspace.
  • Ingestion points: Data enters the context from the {planning_artifacts}/ and imports/ directories.
  • Boundary markers: The instructions do not explicitly define specific XML or marker-based delimiters for untrusted content.
  • Capability inventory: The agent can write files to the local workspace, execute specific Python scripts for customization, and trigger the opening of local files in a web browser.
  • Sanitization: No explicit sanitization or filtering logic is described for the content extracted from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 07:18 AM
Security Audit — agent-trust-hub — bmad-ux