macos-product-design

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill uses a sub-agent to generate code from user input. That input is interpolated into a prompt template without adequate security boundaries, which creates a surface for indirect prompt injection.
  • Ingestion points: The user's design requirements (the [用户的需求描述] placeholder, "user requirement description") are inserted directly into the Phase 2 sub-agent prompt template in SKILL.md.
  • Boundary markers: Absent. The user-provided content is not wrapped in delimiters (such as XML tags) or accompanied by instructions for the sub-agent to ignore any embedded directives within that input.
  • Capability inventory: The sub-agent has access to Read (to access the local design system reference) and Write (to output generated HTML files) tools.
  • Sanitization: No input validation or escaping mechanisms are specified to ensure that malicious instructions in the user requirement do not affect the sub-agent's behavior.
  • [NO_CODE]: The skill is composed strictly of Markdown documentation and prompt instructions. It does not include any executable scripts (e.g., Python, JavaScript, Shell) or dependencies on external software packages.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 06:54 AM