design-spec

Pass

Audited by Gen Agent Trust Hub on Jul 1, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by instructing the agent to fetch and "study" over 70 external examples from a GitHub repository (github.com/VoltAgent/awesome-design-md). These external files are attacker-controllable data surfaces that could contain instructions designed to manipulate the agent's behavior.
  • Ingestion points: The collection.md file points the agent to a large library of external Markdown files for ingestion.
  • Boundary markers: The instructions do not provide delimiters or warnings to the agent to ignore instructions embedded within the external design data.
  • Capability inventory: The agent has access to Write and Edit tools, which could be exploited if the agent obeys malicious instructions found in the ingested files.
  • Sanitization: No validation or sanitization of the external content is performed before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 1, 2026, 12:39 PM
Security Audit — agent-trust-hub — design-spec