design-extract

Pass

Audited by Gen Agent Trust Hub on Jul 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the memi CLI tool to extract design metadata and generate design documentation (e.g., memi design-doc <url>).
  • [EXTERNAL_DOWNLOADS]: The skill fetches HTML and CSS content from user-provided external URLs to analyze their design tokens and components.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from processed websites, creating an indirect prompt injection surface where malicious instructions could attempt to influence agent behavior during synthesis.
  • Ingestion points: Public URLs provided as arguments to the design_doc tool or memi command.
  • Boundary markers: No specific delimiters or safety instructions are defined in the skill documentation to isolate fetched web content from the agent's system prompt.
  • Capability inventory: The skill is primarily designed to output a DESIGN.md file; no other high-risk capabilities like local file system writes or unauthorized network access were identified.
  • Sanitization: The skill instructions do not specify any sanitization or filtering of the fetched web content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 15, 2026, 09:48 PM