design-system-extractor
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local bash scripts (scan-tokens.sh and extract-values.sh) to identify configuration files and extract CSS property values. These scripts use standard Unix utilities like find and grep and do not perform network operations or access sensitive system paths.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it reads and processes arbitrary content from the repository source files.
- Ingestion points: Source code files (e.g., .css, .scss, .tsx, .js) within the target repository.
- Boundary markers: Absent; the agent is instructed to process the raw output of the analysis scripts.
- Capability inventory: Execution of bundled bash scripts and reading of files within the repository.
- Sanitization: The scripts use regular expressions to target specific design-related patterns, which acts as a basic filter for the data passed to the agent.
Audit Metadata