efecto-graphic-design

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill demonstrates safe behavior and uses standard integration patterns for the Efecto platform.
  • [COMMAND_EXECUTION]: Provides instructions to install the Efecto MCP server using npx -y @efectoapp/mcp. This is a standard and expected installation command for the tool described in the skill.
  • [EXTERNAL_DOWNLOADS]: The skill requires downloading the @efectoapp/mcp package from the NPM registry and connects to the efecto.app service to facilitate live design sessions. These are functional requirements for the skill's purpose.
  • [DATA_EXPOSURE]: The skill processes design document states via the get_document tool. This involves ingesting structured JSX data from an external design canvas to perform iterative updates. While this represents a surface for indirect prompt injection, it is restricted to the design context and is a primary feature of the tool.
Audit Metadata
Risk Level
SAFE
Analyzed
May 28, 2026, 10:36 AM
Security Audit — agent-trust-hub — efecto-graphic-design