design-extract
Pass
Audited by Gen Agent Trust Hub on Jul 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
memiCLI tool to extract design metadata and generate design documentation (e.g.,memi design-doc <url>). - [EXTERNAL_DOWNLOADS]: The skill fetches HTML and CSS content from user-provided external URLs to analyze their design tokens and components.
- [PROMPT_INJECTION]: The skill processes untrusted external data from processed websites, creating an indirect prompt injection surface where malicious instructions could attempt to influence agent behavior during synthesis.
- Ingestion points: Public URLs provided as arguments to the
design_doctool ormemicommand. - Boundary markers: No specific delimiters or safety instructions are defined in the skill documentation to isolate fetched web content from the agent's system prompt.
- Capability inventory: The skill is primarily designed to output a
DESIGN.mdfile; no other high-risk capabilities like local file system writes or unauthorized network access were identified. - Sanitization: The skill instructions do not specify any sanitization or filtering of the fetched web content before it is processed by the agent.
Audit Metadata