design
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands during its setup phase to install necessary extensions. Specifically, it executes 'npx skills add' to incorporate design intelligence and interactive artifact builders into the agent's environment.
- [EXTERNAL_DOWNLOADS]: The workflow requires the installation of external skills from third-party sources to provide specific UI/UX guidelines and interactive components. While some sources are from well-known organizations, others are generic external dependencies required for the design process.
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data from multiple sources, creating a surface for indirect prompt injection. This data is used to steer the generation of visual assets and code artifacts.
- Ingestion points: User-supplied design briefs, brand references, and real-time search results fetched from the web.
- Boundary markers: The instructions lack explicit delimiters or specific 'ignore embedded instructions' markers when passing external search results or user briefs to the generation tools.
- Capability inventory: The skill possesses capabilities to execute shell commands, read/write to the platform's Artifact Store, and deploy generated code as live web pages on the vendor's production domain.
- Sanitization: No automated validation or sanitization steps are documented for the input strings processed during the multi-step design and refinement workflow.
Audit Metadata