m-tokens
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs read-only analysis of the current project to categorize design elements into standard formats like CSS variables and JSON. It does not involve data exfiltration or privilege escalation.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8) because it processes untrusted data from the codebase. However, its capabilities are limited to text generation.
- Ingestion points: Files within the codebase being analyzed.
- Boundary markers: Absent.
- Capability inventory: Reading local file content and outputting formatted text to the user.
- Sanitization: Absent.
Audit Metadata