implement-with-design
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from local plan files and documentation to drive its implementation loop.
- Ingestion points: Plan files (plan.md), UI rules (UI-RULES.md), design tokens (DESIGN.md), and library caches (.library/) as specified in SKILL.md.
- Boundary markers: The skill does not define specific markers to isolate instructions from data within these files.
- Capability inventory: The agent can write source code, create git commits, execute package manager commands for versioning, and perform web searches via Exa.
- Sanitization: No input sanitization or verification mechanism is described for the content of the plan files.
- [COMMAND_EXECUTION]: The skill instructs the agent to use various system commands for project management and environment discovery.
- Uses git status, git add, and git commit to manage the working tree.
- Uses package manager CLI tools (e.g., npm view, pip index, cargo search) to verify dependency versions.
- [EXTERNAL_DOWNLOADS]: The skill fetches external data to support the implementation process.
- Uses Exa tools (get_code_context_exa, web_search_exa) and Context7 for library research and documentation.
- Queries official package registries for version information.
Audit Metadata