wireframer

Warn

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines an initialization routine that directs the agent to modify or create local AI instruction files, including .cursorrules, agents.md, and CLAUDE.md. This mechanism ensures that the skill's specific stylistic and architectural constraints are persisted in the project's permanent context.
  • [DATA_EXFILTRATION]: The agent is instructed to read existing configuration and instruction files from the project root (e.g., .cursorrules, .clinerules, CLAUDE.md). This enables the agent to inspect the current environment and previous instructions before applying new rules.
  • [PROMPT_INJECTION]: The skill reads user-controlled project files such as .cursorrules and CLAUDE.md. This creates a surface for indirect prompt injection where malicious instructions inside these files could influence the agent.
    • Ingestion points: Project configuration files (.cursorrules, CLAUDE.md, etc.) are read in SKILL.md.
    • Boundary markers: Absent.
    • Capability inventory: The skill can modify local files, install packages via npm, and access the network.
    • Sanitization: No sanitization of ingested file content is performed.
  • [EXTERNAL_DOWNLOADS]: The skill uses external resources including the wired-elements web component library via the unpkg CDN and references the react-doodle-icons repository on GitHub for icon assets. It also utilizes Google Fonts to provide hand-drawn typography.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 11, 2026, 06:10 PM