design-an-interface
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by interpolating untrusted user data into prompts for sub-agents.
- Ingestion points: User-provided module descriptions and gathered requirements are directly inserted into sub-agent prompt templates in
SKILL.md. - Boundary markers: The prompt templates do not utilize clear delimiters or instructions for sub-agents to ignore potentially malicious content within the user-provided module description.
- Capability inventory: The skill utilizes the
Tasktool to spawn sub-agents. Based on the provided code, these sub-agents are restricted to generating interface designs and trade-offs rather than executing system-level commands. - Sanitization: There is no evidence of input validation or sanitization to prevent an attacker from including instructions in the module description that could influence the sub-agents' behavior.
Audit Metadata