design
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
- Ingestion points: The skill reads tailwind.config.*, global CSS files, and component source files (JSX/TSX) to extract design tokens (documented in SKILL.md).
- Boundary markers: Absent; the instructions do not specify the use of delimiters or safety instructions when ingesting external file content.
- Capability inventory: The skill performs file system read operations across the codebase and writes to .planning/design-manifest.md.
- Sanitization: Absent; the skill does not explicitly validate or sanitize the input from the files it scans.
Audit Metadata