Skills
skills/yldgio/vibe-grimoire/design-it-twice/Gen Agent Trust Hub

design-it-twice

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8).
  • Ingestion points: User-provided module descriptions and requirements, and content read from the local codebase during the exploration phase (SKILL.md).
  • Boundary markers: The skill interpolates these inputs into sub-agent prompts without using explicit delimiters or instructions to ignore embedded commands.
  • Capability inventory: The skill uses a Task tool to spawn sub-agents and implies file-read capabilities for codebase exploration.
  • Sanitization: There is no evidence of sanitization or escaping of the ingested data before it is passed to sub-agents.
  • Note: The impact is limited as the skill's primary output is design documentation and prose comparison.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 10:37 AM