d2c-init
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Installs standard development packages (playwright, pixelmatch, pngjs) globally and downloads the Chromium browser to support automated visual verification tasks.\n- [COMMAND_EXECUTION]: Executes a bundled Node.js script (detect-conflicts.js) to identify and report duplicate token values within the project configuration.\n- [DATA_EXFILTRATION]: Accesses local environment variables and API configuration files to populate design system metadata; all collected data remains within the local project structure and is not sent to external servers.\n- [PROMPT_INJECTION]: Includes specific structural constraints (Non-negotiables) to the agent regarding design system enforcement, which are intended to maintain code quality and consistency.\n- [PROMPT_INJECTION]: Indirect prompt injection surface exists as the skill processes untrusted codebase files to extract project settings. This is mitigated by a mandatory user verification phase in Step 8.\n
- Ingestion points: Project source code files, package.json, and styling configuration manifests.\n
- Boundary markers: Absent for scanned source data.\n
- Capability inventory: Full access to Read, Write, Edit, and Bash tools.\n
- Sanitization: Findings are summarized and presented for explicit user review and approval before initialization completes.
Audit Metadata