skills/im5tu/claude/brand-design/Gen Agent Trust Hub

brand-design

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: A thorough review of the skill's instructions and reference files revealed no evidence of malicious intent, credential theft, or unauthorized code execution. The skill's operations are limited to project research, user interviewing, and generating brand documentation within a local directory.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface in Phase 3 (Competitor Research), which is common for skills involving web research. This is documented for awareness but is considered an acceptable risk for the skill's primary function.
      • Ingestion points: Untrusted data enters the agent's context through the WebFetch tool in SKILL.md when researching competitor homepages.
      • Boundary markers: The instructions do not currently utilize explicit delimiters (e.g., XML tags) or system-level instructions to ignore commands potentially embedded in the fetched web content.
      • Capability inventory: The skill has access to Write, Read, and Glob tools, which are used to generate the six final design deliverable files in the brand/ subdirectory.
      • Sanitization: The skill does not implement explicit sanitization or filtering of the content retrieved from external websites before synthesizing it into the competitive research report.
  • [SAFE]: The use of absolute file paths (e.g., C:/Users/StuartBlackler/...) is a local configuration choice by the author. While this may impact portability across different systems, it does not constitute a security threat to the user or the environment.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 20, 2026, 07:06 PM