design-md
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads the @google/design.md package from the official npm registry. This package provides the command-line interface required to lint, diff, and export design tokens.
- [COMMAND_EXECUTION]: Utilizes npx to execute the @google/design.md CLI. This allows the agent to validate design systems against accessibility standards and generate theme configurations.
- [PROMPT_INJECTION]: Processes user-provided DESIGN.md files. While this creates a surface for indirect prompt injection, the risk is minimal as the data is handled by a formal validation tool.
  1. Ingestion points: DESIGN.md files in the project root.
  2. Boundary markers: None explicitly defined.
  3. Capability inventory: Command execution via npx and file writing.
  4. Sanitization: None explicitly defined.