make-design-md
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses npx to install and execute trusted tools including playwright (Microsoft), @google/design.md (Google), and established community packages like pixelmatch and pngjs for visual comparisons and exporting design tokens.\n- [COMMAND_EXECUTION]: Executes several local Node.js scripts (capture_webpage_design.mjs, compare_design_screenshots.mjs, detect_project_env.mjs, and validate_deterministic_design_md.mjs) for style extraction, visual regression testing, and document validation. These operations are scoped to design analysis and project environment detection.\n- [PROMPT_INJECTION]: The skill retrieves and processes external webpage content, which constitutes an indirect prompt injection surface.\n
- Ingestion points: External data is ingested through webpage navigation and screenshot capture in 'scripts/capture_webpage_design.mjs'.\n
- Boundary markers: The instructions do not explicitly include delimiters for the analyzed content, though the synthesis relies on structured data (CSS/layout) rather than unstructured text parsing.\n
- Capability inventory: The skill can execute local scripts, run npx commands, and write to the local file system (artifact directory).\n
- Sanitization: Structural extraction of specific CSS properties and visual screenshot analysis provides natural filtering against simple text-based command injections.\n- [SAFE]: Environment detection is performed by reading local project files like 'package.json' and configuration files (e.g., 'tailwind.config.js') to recommend appropriate export paths, which is standard behavior for frontend development tools.
Audit Metadata