design-intelligence
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection via untrusted external content.
- Ingestion points: External content enters the agent context through live URLs and code snippets processed in 'REVIEW' mode (SKILL.md).
- Boundary markers: Absent. The skill lacks explicit instructions or delimiters to isolate untrusted external content from system instructions.
- Capability inventory: The skill employs navigation and code analysis capabilities to process these external sources.
- Sanitization: Absent. There is no evidence of validation or filtering for instructions embedded within the processed data.
Audit Metadata