design
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill focuses on validating product-market fit by reading a local `PRODUCT.md` file and generating summary artifacts in a local `.agents/design/` directory. All operations are consistent with the documented purpose of a development workflow tool.
- [COMMAND_EXECUTION]: Uses benign shell commands (`ls`, `mkdir`) for directory management and file existence checks. The provided validation script (`scripts/validate.sh`) performs static checks on the skill's own structure using `grep` and file tests, posing no security risk.
- [PROMPT_INJECTION]: The skill has an indirect injection surface as it ingests content from `PRODUCT.md` to inform its alignment matrix and the downstream `council` skill. While this content is untrusted, the skill uses it within a structured rubric framework, which mitigates simple adversarial influence.
  - Ingestion points: `PRODUCT.md` (Step 1).
  - Boundary markers: Absent; content is interpolated into scoring rationales.
  - Capability inventory: Local file system access (`ls`, `mkdir`, file write) and invocation of the `council` skill.
  - Sanitization: No explicit filtering of the `PRODUCT.md` content before processing.
Audit Metadata