technical-design
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is entirely instructional, focusing on documentation standards and workflow orchestration. It does not invoke external scripts, binaries, or perform any high-risk operations.
- [NO_CODE]: The skill does not include any executable scripts, binaries, or source code files; it consists solely of markdown instructions and a reference configuration file.
- [EXTERNAL_DOWNLOADS]: The reference inventory includes links to reputable developer blogs and official documentation (Microsoft, Addy Osmani). These are used neutrally for guidance and do not involve automated execution or package installation.
- [PROMPT_INJECTION]: The skill identifies a workflow that ingests content from external 'design documents'. This is an intended surface for document-based reasoning. The risk is negligible as the skill lacks dangerous tool access (e.g., shell or network) to exploit any potential injection. Ingestion points: reading files in the
design-docs/directory. Boundary markers: uses a structured template to guide extraction, though no security-specific delimiters are present. Capability inventory: scoped to file reading and markdown document generation. Sanitization: none.
Audit Metadata