design-craft
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses authoritative language such as 'CRITICAL' and 'MANDATORY', but these are strictly applied to design quality and anti-slop rules. There are no attempts to bypass safety filters or ignore prior instructions.
- [DATA_EXPOSURE]: The skill instructs the agent to scan local project files like
package.json,tailwind.config, andglobals.css. This is a legitimate 'brownfield' project scan intended to harmonize new designs with existing tokens and does not involve exfiltrating sensitive data. - [INDIRECT_PROMPT_INJECTION]: The skill has a data ingestion surface as it reads project configuration files to determine design context. However, the capabilities are limited to generating UI code (TSX/JSX/CSS) based on those tokens, with no execution of untrusted data in a dangerous context.
- [EXTERNAL_DOWNLOADS]: The skill mentions well-known and trusted UI libraries and tools (e.g., shadcn, Radix, GSAP, Framer Motion) as reference points for the agent's environment, but does not perform any unauthorized remote downloads.
- [COMMAND_EXECUTION]: No shell commands, dynamic context injections (!command), or system-level operations are present in the skill files.
Audit Metadata