bm-design-system
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to perform local environment discovery by inspecting configuration files like
package.json,vite.config.ts,next.config.*, andGemfileto determine the project framework and Tailwind CSS version. - [EXTERNAL_DOWNLOADS]: The skill references legitimate assets from well-known services, specifically Google Fonts for typography. It also prepares an installation command for established Node.js libraries (e.g., Radix UI, Lucide, Milkdown) to be reviewed and executed by the user.
- [PROMPT_INJECTION]: The skill includes an indirect prompt injection surface in Phase 6, where it scans existing project UI files for migration.
- Ingestion points: Project source files in directories like
src/pages,app/, andcomponents/. - Boundary markers: The skill utilizes
bm-design-system:startandbm-design-system:endHTML-style comment markers when writing to project files (CSS and Markdown) to delimit its managed content, though such markers are naturally absent from the user's pre-existing UI files. - Capability inventory: The agent has the ability to read project files, write new component files, and modify existing configuration/instruction files.
- Sanitization: The skill performs token substitution on its own internal templates but does not specify sanitization for the content of the files it scans for migration.
Audit Metadata