design-review

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes external, potentially untrusted data during the design review process.
    • Ingestion points: The skill reads source code files (e.g., .tsx, .css, .module.css) from src/prototypes/ and src/components/ in Step 4.
    • Boundary markers: There are no explicit instructions to use boundary markers or "ignore embedded instructions" delimiters when the agent or its sub-agents ingest these files.
    • Capability inventory: The skill uses find and git diff for file discovery and recommends using browser_subagent to read and process the full source code of components.
    • Sanitization: The instructions do not specify any validation or sanitization of the content read from the source files before analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 03:56 PM