template-designer
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill accesses local squad configuration files such as discovery.yaml and design.yaml, as well as company-specific memory files. This data access is restricted to the skill's primary purpose of tailoring visual templates to the user's brand and project context.
- [SAFE]: The skill provides clickable preview links to the user using absolute file paths. While this discloses the local directory structure to the agent, it is a functional requirement for file interaction within the user's development environment.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes untrusted content from reference profiles via consolidated-analysis.md. This data is interpolated into generated HTML templates and configuration updates.
- Ingestion points: squads/{code}/_investigations/consolidated-analysis.md (contains external visual patterns).
- Boundary markers: Absent; the content is processed directly to adapt variations.
- Capability inventory: Reads squad configuration files, writes HTML and Markdown files, executes the image-creator skill tool.
- Sanitization: Absent; the skill lacks validation for the content of the reference profiles.
Audit Metadata