fusion-design

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Susceptibility to Indirect Prompt Injection. The skill instructs the agent to read a local DESIGN.md file and treat it as the 'authoritative source' for design decisions, which could allow an attacker to influence the agent's behavior through malicious instructions embedded in that file.
  • Ingestion points: The skill explicitly looks for and reads a DESIGN.md file at the application root (SKILL.md).
  • Boundary markers: Absent. The skill provides no instructions or delimiters to help the agent distinguish between design data and potential malicious instructions within the DESIGN.md file.
  • Capability inventory: The skill is used for UI implementation decisions, component usage, and layout (SKILL.md). While the skill doesn't explicitly invoke dangerous tools, the agent context using this skill likely has access to file system writes and code execution.
  • Sanitization: Absent. There is no mention of validating or escaping the content of the DESIGN.md file before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 09:32 AM
Security Audit — agent-trust-hub — fusion-design