design-system-extractor

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local bash scripts (scan-tokens.sh and extract-values.sh) to identify configuration files and extract CSS property values. These scripts use standard Unix utilities like find and grep and do not perform network operations or access sensitive system paths.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it reads and processes arbitrary content from the repository source files.
  • Ingestion points: Source code files (e.g., .css, .scss, .tsx, .js) within the target repository.
  • Boundary markers: Absent; the agent is instructed to process the raw output of the analysis scripts.
  • Capability inventory: Execution of bundled bash scripts and reading of files within the repository.
  • Sanitization: The scripts use regular expressions to target specific design-related patterns, which acts as a basic filter for the data passed to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 01:59 AM
Security Audit — agent-trust-hub — design-system-extractor