bm-design-system

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to perform local environment discovery by inspecting configuration files like package.json, vite.config.ts, next.config.*, and Gemfile to determine the project framework and Tailwind CSS version.
  • [EXTERNAL_DOWNLOADS]: The skill references legitimate assets from well-known services, specifically Google Fonts for typography. It also prepares an installation command for established Node.js libraries (e.g., Radix UI, Lucide, Milkdown) to be reviewed and executed by the user.
  • [PROMPT_INJECTION]: The skill includes an indirect prompt injection surface in Phase 6, where it scans existing project UI files for migration.
  • Ingestion points: Project source files in directories like src/pages, app/, and components/.
  • Boundary markers: The skill utilizes bm-design-system:start and bm-design-system:end HTML-style comment markers when writing to project files (CSS and Markdown) to delimit its managed content, though such markers are naturally absent from the user's pre-existing UI files.
  • Capability inventory: The agent has the ability to read project files, write new component files, and modify existing configuration/instruction files.
  • Sanitization: The skill performs token substitution on its own internal templates but does not specify sanitization for the content of the files it scans for migration.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 06:11 PM
Security Audit — agent-trust-hub — bm-design-system