craft-skill-spec
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is composed entirely of markdown documentation and instructional prompts. It does not include executable code, scripts, or package dependencies.
- [EXTERNAL_DOWNLOADS]: The skill references documentation and guidelines from well-known and trusted sources, such as Anthropic and OpenAI. These references are used for informational purposes only and do not involve runtime code execution or untrusted downloads.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-provided ideas and optional assets to generate design specs. While this is an ingestion surface for untrusted data, the skill lacks any dangerous capabilities (e.g., network operations, file system writes, or command execution) that could be leveraged for an attack.
- [PROMPT_INJECTION]: The instructions do not contain patterns intended to bypass safety guardrails, override agent constraints, or extract internal instructions.
Audit Metadata