extract-design
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends the global installation of the dembrandt npm package, which is a resource provided by the author.
- [COMMAND_EXECUTION]: The instructions include various CLI commands for the dembrandt tool used to analyze websites and save design metadata.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to its core function of ingesting data from untrusted external websites.
  - Ingestion points: Untrusted content is read from user-provided URLs.
  - Boundary markers: No explicit delimiters are used to wrap the extracted design data or warn the agent to ignore embedded instructions.
  - Capability inventory: The agent uses the extracted data to construct configuration files for frameworks like Tailwind and shadcn/ui.
  - Sanitization: The skill does not describe any sanitization or validation processes for the data retrieved from external DOM elements.