design-workflow
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow that relies on ingesting and analyzing content from untrusted external sources, which could contain hidden malicious instructions designed to influence the agent's behavior.
- Ingestion points: Instructions in
SKILL.mddirect the agent to extract information from an "existing product, codebase, brand guide, screenshot set, Figma file, or reference site." - Boundary markers: The skill does not provide instructions to use delimiters or specific ignore commands to isolate external content from the agent's instructions.
- Capability inventory: The skill orchestrates tasks like source-map extraction, prototyping, and design variations, which may involve the agent acting on the untrusted data.
- Sanitization: There are no guidelines for validating or sanitizing the ingested content before it is processed by the agent.
- [NO_CODE]: The skill is comprised of markdown documentation and YAML configuration. It does not include any scripts, binaries, or logic for direct command execution.
Audit Metadata