flows-design-review

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes several Bash commands for static analysis, including grep, wc, find, and du. These are used to identify design patterns, count occurrences of UI tokens, and check for responsive design markers (e.g., Tailwind CSS utilities). The commands are executed with hardcoded parameters on the local source code.
  • [REMOTE_CODE_EXECUTION]: The skill triggers npm run build and npx eslint to gather performance metrics and accessibility data. While these commands involve executing scripts or binaries from the local environment (and potentially downloading the eslint package if not present), they are standard practices in a software development and review workflow.
  • [DATA_EXFILTRATION]: No evidence of data exfiltration was found. The skill reads from local source files and writes report files to a sub-directory (reviews/design-review/) within the same repository. No external network requests (outside of standard package managers) are initiated.
  • [PROMPT_INJECTION]: The skill instructs the agent to pre-fill context from the App-Brief.md file. While this introduces an indirect prompt injection surface (where malicious content in the brief could influence the agent's prompts to the user), the risk is mitigated by the fact that the agent is explicitly instructed to ask the user for confirmation of all scores and rationale before finalizing the report.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials, API keys, or access to sensitive configuration files (like .ssh or .aws) were detected. The skill focuses strictly on application source code and design-related metadata.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 16, 2026, 11:21 AM