design-spec
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection due to its processing of external data alongside powerful tools.
- Ingestion points: The skill processes external Figma URLs, user story text, and uploaded images/screenshots.
- Boundary markers: No specific delimiters or instructions to ignore embedded directives are provided for the ingested data.
- Capability inventory: The environment permits file system access (Read, Write, Edit) and command-line execution (Bash).
- Sanitization: There is no defined process for sanitizing or validating external input before it is used by the agent to generate specifications or perform tasks.
Audit Metadata