ui-ux-pro-max
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): Potential path traversal in file persistence logic. The script accepts user-supplied arguments such as `--project-name`, `--page`, and `--output-dir` to construct file paths for saving design systems. The sanitization logic provided (`.replace(' ', '-')`) is insufficient and does not prevent path traversal characters (e.g., `..`), which could allow an agent to write files outside of the intended directory structure. Evidence found in `scripts/search.py` lines 86-105.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface.
  - Ingestion points: The script ingests untrusted user input via the `query` argument and processes external CSV data.
  - Boundary markers: Absent. The `format_output` function returns Markdown without delimiters or instructions for the agent to ignore embedded commands within the results.
  - Capability inventory: The script has file-writing capabilities via the `--persist` flag.
  - Sanitization: Absent. Content is truncated for length but not escaped or sanitized to prevent the injection of malicious instructions into the agent's context. Evidence found in `scripts/search.py` lines 34-55.
Audit Metadata