ui-editorial-writing-surface
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a 'STYLE_INSPIRATION' input that accepts natural-language descriptors, creating a surface for indirect prompt injection where untrusted data could influence generated code or application behavior. \n- Ingestion points: The input variable 'STYLE_INSPIRATION' is used during the integration workflow to guide the UI generation. \n- Boundary markers: Absent; there are no delimiters or explicit instructions to the agent to ignore potentially malicious embedded commands within the user-provided style descriptor. \n- Capability inventory: The skill facilitates the creation of multiple source files (React components and CSS) and provides commands for local project verification, including 'bun run build' and 'bun run lint'. \n- Sanitization: No validation, escaping, or filtering mechanisms are defined for the 'STYLE_INSPIRATION' input.
Audit Metadata