using-designpowers

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill includes strong directives aimed at overriding the agent's default behavior and ensuring the skill's instructions take precedence. It explicitly states that 'Designpowers skills — override default behaviour' and 'IF A SKILL APPLIES TO YOUR TASK, YOU DO NOT HAVE A CHOICE. YOU MUST USE IT.' This pattern of behavioral override is a common prompt injection technique.
  • [PROMPT_INJECTION]: The workflow establishes an indirect prompt injection surface by collecting untrusted user input and passing it to downstream agents via a shared state file and direct instructions.
      • Ingestion points: User input is collected via 'AskUserQuestion' during the 'Welcome Sequence' and throughout the session in 'SKILL.md'.
      • Boundary markers: The skill does not specify the use of delimiters or 'ignore instructions' markers for the interpolated user content in this file.
      • Capability inventory: The orchestrator invokes other skills using the 'Skill' tool and maintains state by reading and writing to the 'design-state.md' file.
      • Sanitization: No explicit sanitization or validation logic is defined for the content processed by the agents.
Audit Metadata
Risk Level: SAFE
Analyzed: May 1, 2026, 09:28 AM