refero-design
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill content is primarily educational and instructional, guiding the AI through a systematic design process using best practices for typography, color, and accessibility.
- [EXTERNAL_DOWNLOADS]: The skill references a legitimate vendor-hosted API and MCP server (api.refero.design) and its own GitHub repository. These are documented as necessary components for the design research functionality and are consistent with the vendor's identity.
- [CREDENTIALS_SAFE]: Authentication is handled via user-provided tokens in standard configuration formats. No hardcoded secrets or unsafe credential handling patterns were found.
- [DATA_EXFILTRATION]: No evidence of unauthorized data access or exfiltration was detected. The skill requires a user-provided token to access its design database, and network activity is limited to this API.
Audit Metadata