graphicode-designer

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is instructed to automatically perform git operations, specifically creating commits with generated messages after modifications are complete.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes untrusted data from the project environment to guide its actions.
      • Ingestion points: Reads project configuration from graphig.md, design rules from a specified design spec file, and content from UI source files (.tsx, .less).
      • Boundary markers: The instructions do not specify any delimiters or safety headers when reading or interpolating the content of these external files.
      • Capability inventory: The skill has the ability to read and write files within the project directory and execute git commands.
      • Sanitization: There is no evidence of validation or sanitization of the data retrieved from the configuration or design spec files before it is used to determine how to modify code or what to include in commit messages.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 11, 2026, 06:20 AM
Security Audit — agent-trust-hub — graphicode-designer