peach-team-dev
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands like `find` to discover its own sub-skills within standard local agent directories (~/.claude, ~/.agents). This is a standard discovery mechanism for the vendor's integrated tool suite.
- [COMMAND_EXECUTION]: The orchestrator executes standard project maintenance and validation commands, including `bun test`, `bun run build`, and `vue-tsc`, to verify the integrity and quality of generated code.
- [EXTERNAL_DOWNLOADS]: The skill integrates with Figma, a well-known design service, to retrieve UI design specifications. This process uses designated MCP tools and targets official figma.com domains.
- [PROMPT_INJECTION]: The skill provides a natural language "prompt mode" for code modification, which presents an attack surface for indirect prompt injection. This risk is managed through structural delimiters and a mandatory multi-agent QA cycle (Ralph Loop) that verifies all changes using automated test suites.
  - Ingestion points: Natural language prompts processed in the `prompt-mode.md` workflow.
  - Boundary markers: Untrusted input is encapsulated within specific Markdown sections to isolate it from system instructions.
  - Capability inventory: The agents possess file modification (`Write`, `Edit`) and shell execution (Bash) capabilities to perform development tasks.
  - Sanitization: Outputs are sanitized via mandatory linting, type-checking, and unit testing performed by independent QA agents.
Audit Metadata