design
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external data sources to create technical designs.
- Ingestion points: Reads discover.md, impact-analysis.md, and existing repository source code.
- Boundary markers: Lacks instructions to use delimiters or markers to isolate untrusted content from the primary prompt instructions.
- Capability inventory: Possesses file-write capabilities for creating system-design.md and generating PlantUML/SVG diagrams.
- Sanitization: No mechanisms for validation or sanitization of the ingested content are specified.
Audit Metadata