design-audit
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious instructions, data exfiltration patterns, or obfuscated content were detected in the skill files. The instructions provide a structured framework for performing design audits and do not attempt to bypass security controls or harvest sensitive information.
- [PROMPT_INJECTION]: The skill is designed to process untrusted external data, which creates a surface for indirect prompt injection.
  - Ingestion points: SKILL.md (Workflow Step 1) involves processing user-provided URLs, localhost addresses, screenshots, and local repositories.
  - Boundary markers: Absent; the skill does not provide specific instructions to the agent to disregard instructions potentially embedded within the audited content.
  - Capability inventory: Shell command execution (via 'run the app' instruction), file system access, and web navigation tools.
  - Sanitization: Absent; the skill does not specify filtering or validation of the ingested external content.
Audit Metadata