design-system
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Flagged categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Mentions the installation of well-known development tools and official addons from the Storybook ecosystem, specifically @storybook/addon-a11y and @storybook/test-runner. These are standard tools for accessibility testing in frontend development environments.
- [COMMAND_EXECUTION]: Provides standard shell and PowerShell commands to facilitate the discovery of design token configuration files (e.g., tokens.json, tailwind.config.js) within a local project directory. The commands are scoped to exclude common dependency and build directories like node_modules or .next.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) because it is designed to ingest and process external data from design token files.
  - Ingestion points: Files discovered via the provided find commands, such as tailwind.config.js, theme.ts, or tokens.json.
  - Boundary markers: None identified in the skill body.
  - Capability inventory: Execution of shell commands for file discovery and implied reading of the discovered files for auditing.
  - Sanitization: No explicit sanitization logic is provided for the content of the token files being audited. This exposure is typical for auditing tools and is inherent to the skill's primary purpose of validating external configuration data.
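As an added example (not the skill's own command set, and not code from the audited project), the POSIX shell script below shows the discovery pattern the COMMAND_EXECUTION finding describes, pruning node_modules and .next, and adds the two controls the PROMPT_INJECTION finding notes are absent: explicit boundary markers around each ingested file and a pre-screen for instruction-like text. The marker format, the extra pruned directories (dist, build, .git), the extra file-name patterns (tailwind.config.ts, theme.js) and the grep patterns are assumptions made for this example, and the pre-screen is a heuristic, not a sanitizer.

```shell
#!/bin/sh
# Added example, not the skill's own command set. Discovers design token
# configuration files under a project root while pruning dependency and build
# directories, then emits each file between explicit boundary markers so a
# consuming model can treat the contents as untrusted data rather than
# instructions. Marker format, extra pruned directories and extra file-name
# patterns are assumptions made for this example.

# Print matching token/config file paths under $1 (default "."), sorted.
# tokens.json, tailwind.config.js and theme.ts are the names the audit lists;
# tailwind.config.ts and theme.js are assumed extras. node_modules and .next
# come from the audit; dist, build and .git are assumed extras.
find_token_files() {
    root="${1:-.}"
    find "$root" \
        \( -name node_modules -o -name .next -o -name dist \
           -o -name build -o -name .git \) -prune -o \
        -type f \( -name tokens.json -o -name tailwind.config.js \
           -o -name tailwind.config.ts -o -name theme.ts -o -name theme.js \) \
        -print | sort
}

# Number of discovered files under $1, as a bare integer.
count_token_files() {
    find_token_files "$1" | wc -l | tr -d ' '
}

# Naive pre-screen (an assumption, not a complete sanitizer): print any line
# that reads like an instruction aimed at a model instead of design data.
# Returns 0 when nothing matched, 1 when at least one line was flagged.
flag_instruction_text() {
    if grep -n -i -E \
        'ignore (all )?(previous|prior) instructions|you are now|system prompt' \
        "$1"; then
        return 1
    fi
    return 0
}

# Wrap one file in BEGIN/END markers carrying its path and byte length. The
# length lets the consumer check that the data region was neither truncated
# nor extended by content inside the file that imitates the markers.
emit_bounded() {
    f="$1"
    size=$(wc -c < "$f" | tr -d ' ')
    printf '<<<BEGIN UNTRUSTED FILE path=%s bytes=%s>>>\n' "$f" "$size"
    cat "$f"
    printf '\n<<<END UNTRUSTED FILE path=%s>>>\n' "$f"
}

# Full pass over a project root: discover, pre-screen (warnings to stderr),
# and emit each file's bounded contents to stdout.
audit_tokens() {
    find_token_files "$1" | while IFS= read -r f; do
        flag_instruction_text "$f" >&2 || \
            printf 'warning: instruction-like text in %s\n' "$f" >&2
        emit_bounded "$f"
    done
}

# Stand-alone usage: sh audit_tokens.sh ./my-project
if [ $# -gt 0 ]; then
    audit_tokens "$1"
fi
```

The markers only help if the consumer (the agent or model reading the output) is told that everything between BEGIN and END is data to be audited and never instructions to follow; the byte count is there so a token file that contains a fake END marker can be detected rather than silently ending the data region early.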
Audit Metadata