forge-design
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill reads and writes to a project-specific configuration file, .forge.json. This file is used to store design system parameters like brand colors and tokens. It does not access sensitive system files (e.g., .ssh, .aws) or credentials.
- [COMMAND_EXECUTION]: The skill defines internal logical commands such as /forge-init, /forge-update, and /forge-audit. These are instructions for the agent to perform specific design-related tasks (like calculating color palettes or checking CSS files) and do not translate to arbitrary shell command execution on the host machine.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from .forge.json. While this file is externally provided, the skill utilizes strict algorithms (HSL conversion, predefined ratios, and semantic mappings) to process the input rather than directly executing the content as instructions, which effectively mitigates injection risks.
- [PROMPT_INJECTION]: The instructions contain clear constraints, such as a font banlist and a fixed spacing scale. These are used for design enforcement and do not attempt to bypass the AI agent's core safety guidelines or security protocols.
Audit Metadata