design-md-validator

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The bundled script scripts/validate_design_md.mjs executes shell commands using Node.js spawnSync. It specifically runs the npx command to interface with the @google/design.md CLI tool.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to download and run the @google/design.md package from the NPM registry. This package is maintained by a trusted organization.
  • [REMOTE_CODE_EXECUTION]: The skill executes remote code by pulling the linting tool from a public registry at runtime. This is standard behavior for the tool's intended purpose.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests and interprets findings from untrusted DESIGN.md files.
  • Ingestion points: File content from DESIGN.md is read by the agent and processed by the validation script.
  • Boundary markers: The skill does not define specific delimiters or warnings to ignore instructions that might be embedded within the files being validated.
  • Capability inventory: The agent can execute a local script which has the ability to run subprocesses.
  • Sanitization: The validation script passes file paths to spawnSync as an array of arguments, which prevents common shell-based command injection attacks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 04:46 PM
Security Audit — agent-trust-hub — design-md-validator