bmad-ux
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script
resolve_customization.pyduring the activation phase to handle workflow configuration and project-specific settings. - [COMMAND_EXECUTION]: To provide interactive feedback, the skill uses the Python
webbrowsermodule to open locally generated HTML mockups and design reports in the user's default browser. - [EXTERNAL_DOWNLOADS]: The skill references Google Stitch as a primary target for design handoffs, which is a service provided by a well-known and trusted organization.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data from user-supplied documents and visuals (e.g., PRDs, Figma exports) stored in the project workspace.
- Ingestion points: Data enters the context from the
{planning_artifacts}/andimports/directories. - Boundary markers: The instructions do not explicitly define specific XML or marker-based delimiters for untrusted content.
- Capability inventory: The agent can write files to the local workspace, execute specific Python scripts for customization, and trigger the opening of local files in a web browser.
- Sanitization: No explicit sanitization or filtering logic is described for the content extracted from external sources.
Audit Metadata